Did you know that you can help your fellow community members by accepting solutions when a reply answers your question Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature
...
Hi,
We're planning to use the Palo URL filtering features to replace Websense.
Just wondering if it was possible within Palo to do any kind of URL filtering time-quotas?
For example, a user might be able to look at 'shopping' category sites for 60 minut
...
Hello,
I'am trying to imort a certificat using CLI (set shared certificate AVF-ROOT-CA-2014 public-key command) but the device is only taking the first line of the public key. So i'am searching for the correct way to issue the command so that the CLI
...
Hi,
some users reported they are unable to use Google-Translate any more. I saw in the logs, Clients are trying to download GZIP files with the app google-translate-auto and google-translate-manual:
I'm sure, the users were able to use Google-Translate
...
Hello All,
Anyone knows that how to restart captive portal process?
Thanks.
Regards,
Joy
Hello,
Is there a list of all the DNS Querys that PA considers suspicious?
I was considering changing the default action from alert to block for these signatures.
Since there is potentially 1 million URLs that will automatically get blocked when adjuste
...
Greetings,
Soon I need to get our firewall off from tap mode into a virtual wire deployment. We'll be placing it between our router and core network switch, with no local secondary production subnets to worry about so virtual wire seems to be the tick
...
Good morning,
I am John Hauser, a trainer for Fishnet Security, and I have been tasked with upgrading our lab environment from our old PA-500 hardware units to the VM-100 FWs. I have very little VM experience both on the initial setup of the VM side
...
I created a new document from lab testing the Juniper SRX to Palo Alto VPN connections using OSPF on a route based VPN. But the only place I have permission to upload files is in DevCenter. So here is the link for anyone who needs the setup instruc
...
If you have a DoS policy setup with both an aggregate and a classified DoS profile to protect a webserver and you see flood logs in the Threat Tab.. is it possible to tell whether or not the flood matched on the aggregate or the classifed DoS profile
...
Is the throughput on the PAN VM series an arbitrary cap set by the PAN software?
It seems that it certainly shouldn't be on the hardware side as one could do 10gb netorking, put it on SSD and throw as much ram/cpu at is as they desired. And I would t
...
I have the following rule
I used 'any' as the service because we have web servers running on multiple ports and not just on the default.
While it does match ssl and web-browsing traffic as expected, it also matches unexpected application traffic like
...
Hi,
My PA-2050 recently management cpu always high to 70%, and 100% when commit.
check the log as below,
appweb3 error: : appweb3: Error: Ignoring unknown directive "Action" At line 121 in /etc/appweb3/appweb.pan.conf Make sure the required modules ar
...
Hi All,
I wish to ask do i have to have my own Certificate in order to use SSL decryption feature, in order to decryption my users SSL traffic ?
OR i can just go and setup this feature and use it right away ?
I use PA-VM-100, PAN OS 6.0.4
I'm having trouble authenticating with a second VPN tunnel that I've created.
I've created a new Portal and Gateway, almost identical to the previous ones. Obviously with it's own external IP, certificate that fits the given domain.
Created a new Zone
Is it possible to disable SSLv3 and TLSv1 for Global Protect?
Vulnerability scanners flag the interface of the PAN where Global Protect portal/gateway are hosted as it allows these deprecated versions.
TomYoung
on:
Confused about QoS on Palo, need some assistance.
TomYoung
on:
Static Port Address Translation question
