Mitigation for DHCP Starvation attack in shared network zone (e.g.Eduroam)

Hi everyone, 

Is there anyway for us to utilize Palo NGFW to prevent or mitigate DHCP starvation attack. 

For example, a user's BYOD device is infected with malware, after authenticated with eduroam network, the device start performing DHCP starvatio

IPsec VPN to tunnel public IP

We have requirement where client is wants to access internal resource over IPsec. 

Resource already exposed to internet and has public IP IP x.x.x.x, can the client access the x.x.x.x resource over IPsec 

and the same IP x.x.x.x will be available for

Need help for account license

Hi All,

My organisation purchase two quantity of PA-800 series firewall and associated license also. Problem is we have not received any account creation mail from OEM to register the devices and linked purchase licenses. Should palo alto provides

PA - 3220 Secondary box Tech support file.

Hi expert,

we are trying to Generate the Tech support file using Cli.

The TSF file generated but file is not same as we are extracting from GUI. 

The File size is only two Mb. 

GUI response is very slow we are not able to generate the tech file.

rulebase -> security -> rules -> permit_common 'permit_common' is already in use

After importing configuration and after clicking on commit I get this, who know how can I solve it
rulebase -> security -> rules -> permit_common 'permit_common' is already in use

Thanks

PPPOE authentication with Plusnet FTTP not working

Hi I wonder if someone can help with this issue, it's a weird one I have a PA-220 firewall connected directly to the ONT provided by BT and I am trying to get FTTP broadband working using PPPOE, the interface on the PA-220 that is connected to the ON

Having issues with ipsectunnel after upgrading FWs(5260s) to 10.1.3

Hello Palo Community!

I have a a couple of ipsec tunnels connecting to a cloud vendor providing ERP services to our users. Since we upgraded our FWs to 10.1.3 a couple of weeks ago from 9.1.10, we are having issues with connection slowness, timeout

intrazone default

Hello,

I am observing that tcp connection between two hosts remaining in the same zone are not able to establish TCP connections [htts], while ICMP is successful. Tracing the traffic it shows up as application incomplete, rule intrazone default is hi