We have a DNS name genieo that is not being recognized and is not included in the signatures. Two things first is there a way to identify it with a custome signature with the object/anti-spyware and then be able to send it to a sinkhole?
Hi,
I'm trying to understand a QoS functionality, let's see if anyone can help on this case.
I have a webserver on a DMZ and want to asure 15Mb from inside to outside, that is, in case of congestion in DMZ, priorize the Http traffic (respond http reque...
Hi,
we have 2 rules. the first one filtering by application FTP
and the second one with the same source/destination like the rule above and using any/any permit.
We run ftp connections. all these FTP connections should match in the first rule fi
...
Trying to narrow it down and determine the minimum set of applications/services that need to be allowed for a user to login into a Windows 7 client in one zone and authenticate against a Server 2008R2 AD Domain Controller in a different zone? The Win
...
We are receving this alert for the certificate expiration
we have configured MDM with one of trusted root certificate (this got expired and we renewed that recently)
MDM---->created with root-CA certificate
certificate:
--root-CA (this was expire
...
It has been noted that our global protect portal is reachable from the internet using port 4443 and is presenting a self signed cert which is seen as a security vulnerability. Can you let me know if port 4443 is necessary in terms of GlobalProtect co
...
just in the process of switching to a vulnerability profile which is not shared to vsys specific vulneability profile. Is there an easy way to change a vulnerability profile in 250 security rules without having to manually visist every rule?
Hi guys,
Applied two licenses to my devices in HA for a one months extension for PAN-DB URL filtering. I applied it to the passive first successfully (shows as active), but now the current active doesn't have an active URL license.
I have followe
...
Hi,
I would like to don't upload email-link to wildfire cloud.
Usually I choosed "any" for file types in file blocking profile.
But I have to check each file types for except "email-link".
What file type I should choose?
Currentlly, there are 81
...
Hi All!
I am having an issue with globalprotect updater and UAC. It seems that when GP wants to update to a newer version it uninstalls fine, but then my users get a UAC prompt when it wants to update. Because they are not admin accounts the update
...
Hello Community,
We're thinking of becoming a Palo Alto Training Partner. Can someone please let know the process in becoming a training and partner and any links.
Regards
Hello i need for you help.
The client has device connected in virtual wire mode and wants to configure another interface on the device that will connect to your LAN where their servers are and can see users who connect to the virtual wire mode.
T
...
I have not been able to find an answer to this in the searching I have done. Does ECMP take into account the current load on the paths before choosing a path? We are using 'balanced round robin' on our metro-e links between locations, we have two pro
...
I am unable to access this site in any way throuth my PA 3020 With Pan Os 7.1
Obviously is possible through a direct connection
Can someone try and temm me if is the same ?
https://www.spcconnect.com/
What is the point of not allowing us to configure if we want to summarize our IPsec routes for 3rd party clients on GlobalProtect?
I don't get why this is forced on us and only browsable through the cli... not very nice.
TomYoung
on:
Panorama Using Groups in Policy
PavelK
on:
Panorama HA Sync Failed
