Resolved! How to block www.youtube.com completely

Dear All,

Appreciate if you can advise how to block www.youtube.com completely. I have try using URL-Filtering and application layer level but still failed. I am using PA-3020 OS version 7.0.3

Imran

Resolved! arp not found

Yesterday I attempted to move our Internet connection from a copper interface on ethernet1/1 to fiber optic on ethernet 1/13 on a Palo Alto 3020. 

I ensured both interfaces were members of the  same security zone and modified the Default route of def

Resolved! Reduced bandwidth after 7.1.2 upgrade

After the upgrade to 7.1.2, I've notice that my bandwidth has reduced by 80% over a Metro E Gig connect. Any one else seen this problem or has a resolution for it?

Resolved! RADIUS authentication: MS-CHAP v2?

Currently, my PA-3050 devices (PAN-OS 6.1.12) utilize RADIUS authentication.  I know that this uses the completely unencrypted PAP protocol.

I have asked PAN about MS-CHAP v2 support in the past and was told that the device must be placed into FIPS m

Resolved! User based ssl decryption

Hi,

I try to test ssl forward proxy decryption. It works fine if I use IP address as a source but if I use Users(domain) as a source it doesn't work. I can't use IP's for testing because our IP's floating. What I need to check in configuration?

Toni

Resolved! GlobalProtect 3.0.2 setting VPN DNS on WiFi adapter

Hi,

I'm having a single client, running Windows 10 Pro, that we're having issues with.

When the user connects to their network at home, they are unable to connect to VPN, and it seems like the issues is caused by GlobalProtect setting the WiFi adapter

Resolved! QOS & Aggregate Interfaces

Hello,

In our QOS Aggregate Eth. Interfaces we cannot assign an egress value greater than 1000.

(LACP Bundle is 2 x 1Gbit on eth4 + eth5)

1. Why ?
2. Do we throttle down throughput to 1 GBit/sec. in the Aggregate ?
3. Shall we leave egress value in profile and Int

Resolved! Is there any restriction for application to add in Policy based forwarding

Is there any specific reason that all application is not avaialbe to add in policy based forwarding.

For ex: I am trying to add "panorama" in policy based forwarding, it is not there.

I have to addd port 3978 instead of application. Is there any reason

Resolved! Globalprotect client authenticate with a certificate not working anymore

Since we use our Palo Alto firewall, our users there Global Protect Client authenticate with the firewall through a certificate that is deployed thorugh Active Directory. Our Global Protect Client version is 3.0.2.

Since we updated our Pan-Os version

Resolved! RSH session issue passing through the Palo Alto

Hi Guys,

Interesting one. 

1x2.1x4.1x4.1x5 makes an initial connection using RSH the 192.168.0.20 then creates a separate RSH session back to the originating server but this always fails as the Palo seems to ignore the rule and NAT that is in place f