URL filtering thinks domain.com is not a subset of *.domain.com

I think domain.com should be considered subset of *.domain.com. There are lots of web pages presenting the content in both with and without www prefix. Putting 2 different filter for the same domain is just stupid.

Is there any workaroud?

PA Trunks ?

I want set up two interfaces from PA as shown below. Traffic via Link will get to SW1 and on to S1, the same for the other link. The two are separated for security reasons.

The issue is that, say SW1 fails we will need to re-wire SW2 to allow conti

Can't Email Monthly Reports?

I can generate monthly custom reports, andI want to mail these to management but the email scheduler is only giving me the option for daily or weekly email schedules.   "Management" unfortunately aren't very keen on logging into the Palo to retrieve

VM-100 responding with SYNACK on all ports

Hey,

I've got an evaluation of the VM-100 (v7.0.2) setup, but I'm finding that for some reason the firewall appears to be intercepting requests and completing a TCP 3-way handshake, regardless if the ultimate destination has the port open or not. H

block http download based on the download file hash value

Dear all,

I have asked to look for a solution,  we want to receive alert based on specific file download via http, we have the file MD5 or SHA1 hash value.   Can I do this with a PAN?  The filename could change,  I don't know the file size but I ha

Palo Alto networks PA-500 with PowerDesine 3001 POE modem

Hello,

I like to replace the cisco ASA 5510 with PA-500 in the company . I do all the necessary configuration in the PA-500 but always it still a problem of internet connection. I configure the PA-500 with the same specification configured in the C

Possible to change the config-output-format to set for web UI config audit "previews?"

Hello,

Is it possible ot change the config-output-format of the web UI config audit previews to `set`?

Thanks,

Matt

Beware ! PAN-OS 7.0.2 - Seemed to kill AV and inspection

Hello 

Environment

Rule base is established and working with LDAP integration for users .
Outbound SSL SSL decryption is also setup  and working 7.0.1
Rules allow a group to talk to the Internet.
Security profile are used for AV, Anti Spyware , URL

Deny the access to the servers in LAN zone

Hello,

I need to restrict the access to a critical server in our company i the LAN zone . I add a security rule that restrict for exemple the address 192.18.1.25 to access to database server tht has the address 192.168.1.20 . I add a security rule fr