Is there a Captive Portal type solution for non http/https services?

I am looking for a method to force identify users coming in over the internet trying to connect to an internal resource using MS-RDP.

I originally thought I could use Captive Portal for this but CP documentation indicates its only works with HTTP & H

Ethernet logs on palo alto

My internet link is terminated on ethernet 1/3 of palo alto firewall, how can i can find ethernet logs on firewall to troubleshoot circuit issue and report it to service provider?

DIPP A/A Enviroment Floating IP

Hi Guys,

we´ve an Active/active Cluster enviroment. For the normal Internetconnection we will use Source/Hide NAT (DIPP).

At the moment we will NAT on both firewalls the traffic through the interface IP. This works fine, the failover is

ok only one pak

topology

Hi,

I have the below topology .

Planning to put  PA in vwire mode in betweent the asa and core in active standby.

If r1 fails and asa1 is active and asa2 is standby  ,asa2 will become active .

. Lets say pa1 is active and pa2 is standby .

When asa change

Opened session remains after threat triggered block-ip. WTF!

Hi, I've been testing the block-ip action in spyware DNS signatures. I was an RDP session before the threat triggered the block-ip action. Then, no more connections are allowed (what is OK), but the RDP session remains open.

Is this a normal behaviou

Trail Softawre required

Dear All, i need trail software of PA,for vm.How can i get with full features sothat i can test it in my environment

http proxy -session end reason decoder.

All traffic via firewall works fine except http-proxy. PC makes connectio with http-proxy but the proxy session keeps on dropping. session end reason decoder. Is that normal for http-proxy app.

Geo block -- Allow only one country.

How can I geo block all countries except the one where the firewall is. Looking for easier way rather than select all countries

except one and deny.

Confused over EBL size limit

We have a 3020 running 7.0.8 and are experimenting with MineMeld.

As soon as we get close to 5k IPs on the combined EBLs we get an error on a EBL refresh that it's been truncated as it's over the limit.

Palo Alto's own KB suggests that on an entr

Panorama installed as a Centralized management

Hello everyone,

I need help.

I am already have a M-100 installed as a centralized management. Can I use as a log deploy too ? And how I can do it.

Thanks everyone

License Transfer

Hello,

I am not sure if this is the right place to seek this type assistance.

Is it possible to transfer subscriptions from PAN-3050 to VM-300 or VM-500?

The client has a pair of PAN-3050 with TP, URL4 and Wildfire subscriptions which will be expired