Block unwanted traffic on port 1720

Hi,

I have a voice/visioconference system available on the internet (via NAT-ed IP) using H323. So of course the port 1720 is open and reachable from outside, without restriction on IP addresses because users must be able to reach the system from t

Authentication Profiles on Global Protect

Is it possible to have two sets of authentication profile on Global Protect ? One ste of users authenticating through AD and another set through digital certificates only . 

What is the misc field in the threat syslogs supposed to show when the subtype is vulnerability?

Hi everyone, I'm sorry if this has been answered elsewhere-- I'm new to this livecommunity thing so, although I tried to search for an answer before posting-- I may have missed something...

I'm running PanOS 6.1.7 and I can't find anything that exp

Port 5222 traffic denied after Google-base update

Port 5222 traffic is being denied after the google-base update. End users using xmpp client, like trillian, are not working. Any workaround besides explicitly allowing that port?

Thanks!

SRX Config - XML Invalid

Since upgrading to MT 3.2.4 I have been unable to import the XML file from a SRX .  Previous to this release (3.2.1), I had no issues with the same XML.  However, it is not working on 3.2.4

The XML file is correct with the configuraiton tags at the

Meaningful User Reports

• PA-500
• Software Version 7.0.3

How do I generate meaningful user reports, or how do I better interpret the reports that are available.

With a User Activity Report I get application statistics, browsing summary by category etc.  But I can't say "Use

third party VPN clients with PanOS 7.0.3

I was curious if anybody else has seen this issue, or could perhaps try to duplicate it.

I have a problem with third party VPN clients after upgrading from PanOS 6.1.6 to 7.0.3 on our PA-3020s.  Specifically, the built-in IPSec VPN client on Mac OS

SSL Decrypt

Hi

We have a guest wifi that availave to all and sundry to be used by using their own equipment. We would like use SSL Decryption on this.

The main issues is that for guest device we have no control over this to be able to install the CA cert ont

Can I choose what categorizes I choose for allowing SSL-Opt Out Pages?

Hello All,

I am after some help with SSL decryption?

We currently want to decrypt ALL SSL traffic.  However moving forward there are 3 catorgies we wish to bypass SSL decyption for BUT only with the use of the opt-out pages not a blanket SSL cato

we're starting to get "WildFire Public Cloud channel registration received invalid cloud info"

SYSTEM ALERT : high : WildFire Public Cloud channel registration received invalid cloud info"

errors all of a sudden. No change on our side.

varrcvr.log only reports

2015-11-24 08:25:24.386 -0500 Error:  pan_fbd_fwd_report_process(pan_fbd_fwd.c:40

Import named configuration snapshot failure

I'm trying to import my production Panorama VM configuration into my lab Panorama VM and I am getting the following message, and I'm not entirely sure what it means:

upload -> config -> content Node can be at most 41943060 characters - current leng