Allow streaming-media for training sites that use youtube links

One of out departments recently purchased access to an online training site that uses youtube to play some of the videos within the courses. We block all streaming-media on our network as a general rule on our PA 3020. I would like to allow access to

Source users no longer showing up in Monitor and ACC

A few weeks ago I noticed that in our firewall suddenly all the Source User fields are showing blank. This is very strange since it happened without any changes being made to the firewall or the Domain Controller. We populate user IDs using LDAP. All

vwire using a single physical interface possible?

Right now we use a standard vwire with 2 physical interfaces.

We're about to make some hardware changes that means that the vwire input and output will be from/to the same physical switch.

If I have to use 2 interfaces then on that switch I'll just b

How to block Tor browser and Freegate proxy tunnel?

Hi,

Does any one know how to block Tor and Freegate? Seems, Tor and freegate APP-IDs are not working

GP user access using internal DNS

Hi all,

when GP user need to access internal resource, i want them to use vpn assigned internal dns server, but currently user
still go to ask local dns on their PC. and if user access via ip, it is OK. How to break it out ?

HA issues

I have 5060 pair (pan1 and pan2) with 7.1.2 in HA. Whenever pan2 interfaces are up, not shutdown, sooner or later we experience issues. It doesn’t matter if pan2 is active or passive. Could it be h/w ? Config is in sync

Site to Site VPN between PA200 and any third party device.

Hi all

   Please help me to sort out the situation below.

We have one PA 200 is working fine in the main office. The main office have the static WAN IP and it is acting as the SSL VPN gateway. Now, we need to connect a small brach office to main offi

Help on CSV Output Feed

I'm looking to output feeds to a format that I can ingest in some log analysis tools, and need to output fields that I have defined in miners. Is there any information on how to access that data and output it?

SSL certificate cache

Hi,

there are various settings in the decryption profile and also under Device -> Sessions -> Decryption Certificate Revocation Settings to controll how the firewall should deal with expired or self-signed certificates etc. I am currently testing thes

staticupdates URL and missing software version

Hello,

On a Panorama 7.0.2, using the update from "staticupdates.paloaltonetworks.com". Some versions are strangely not showing .

For PA200 image, we can't see the updates for 7.0.1 and 7.0.2.

I can't test with the URL updates.paloaltonetworks.com for

PA-3020 - PANOS 5.0.6 - Can't confgure QOS with source address

Hello,

The node configured with a source interface and source adress can't be matched : the qos node Qid should be 1 and not 0.. PAN OS : 5.0.6

///////////////////////////////

admin@Bellan-PA-3020-1(active)> show qos interface ethernet1/1 match-rule

QoS