General Topics

Is it safe to enable IP Spoof Protection on Untrust Zone

Dear Experts,

I was wondering that shall I enable IP Spoof Protection on Untrust Zone, as it identify the source IP address as per routing table. Any request coming from Internet will have some public IP address (Normally) and PA will not have those

Allow docx, xlsx and block zip file in paloalto lasted version?

In Paloalto lasted version. Paloalto can block zip file and allow compressed Office documents (Ex.docx, xlxs). If not Paloalto have any roadmap for this requirement.

Thank you.

Google Play Store Problem

Hey guys,

I have a strange problem:

I have a security rule that allows google-base and google-play.

However, in the logs the google-base app is denied with the imlicit-deny rule at the end.

The firewall doesn't find my allow rule?

What is wrong?

Make exception in vulnerability

For our website we host a database in our DMZ network. When we recieve a lot of calls from the website to the database the connection get a reset because the firewall see this as an attack (40031). Is there a way to configurate that the firewall allo

palo alto and panorama integration

Hi All

i would like to seek and advice from you all regarding the palo alto firewall and panorama integration

we have deployed 2 pair palo alto firewalls 1 pair in DC A and 1 pair in DC B.

now we want to deploy the panorama so for the common rule we c

How to allow facebook's workplace and block other social network

Hi Folks,

How can i allow only facebook's workplace(https://workplace.fb.com/)  ?

i have configured url filtering but still no success.

Url filtering have configured like below:

Anyone using save/load filter optins under Monitor tab?

Out of curiosity is anyone using Save Filter and Load Filter options under Monitor tab and find them user friendly?

I have mentioned to Palo representatives few times that filter field should have droppdown history like browser address bars have but t

DHCP Discard session

Scenario is we have ISP connected to Outside zone.

DHCP server on Inside Zone.

On Each satellite we have DHCP relay configured to readh DHCP server.

Whenever there is any issue with Power at location where interface connected to inside zone goes down.

Tr

Mac book throws untrust certificate after user identification timeout.

Mac book throws untrust certificate after user identification timeout.

MAC Book unable to operate with Kerberos authentication. If working, provide configuration details.

MAC Book unable to operate with Kerberos authentication. If working, provide configuration details.

Is it possible deny the user access web site by proxy???

The scenario is just allow user access system directly, deny all if using forward or reverse proxy such as nginx、apache2、liqud and so so??

What should i set? Application or other else?

URL Filtering by IP

Hello,

We would like to report on web browsing based on the IP off the user's computer, not username (or Identity). Can someone offer a guide, or point me in the right direction? Thank you.

New Pan OS 8.0 Release date

Hi,

Palo Alto Engineer said clientless VPN will release with new PAN OS 8.0 in near future. I just wanted to know what is the exact release date for new PAN OS?

Thanks,

Lakshitha.