Resolved! URL filtering
Who is using URL filtering? Is it worth the added cost? Is there any way to do it without the license?
Who is using URL filtering? Is it worth the added cost? Is there any way to do it without the license?
Hi Community,For the past 2 days PA's globalProtect is really becoming a headache for me. PA is becoming pain for me on these days.It won't connect, stated as not connected, sometimes it stuck at "Connecting", and if that's the lucky hour, it will connect once or twice. I've tested it on so many computers, restarting the pc, uninstalling GP, and...
<deleted>
https://live.paloaltonetworks.com/t5/Articles/How-to-Configure-DNS-Sinkhole/ta-p/58891 explains how to configure DNS Sinkholing.In step 3 the anti-spyware profile is added to the security rule that allows DNS traffic. Does logging (at session end) need to be enabled on that rule for sinkholing to work ?Or does it only have to be enabled on the r...
Hi all, What are you doing with traffic identify as "insufficient-data"?I know we are supposed to do pcap and trying to identify if then create custom app but ... on real life 🙂 Although you have created a rule for denying all, insufficient-data still go through the firewall (like "unknown" traffic) inbound and outbound !! Most of this traffic ...
I have a highly regulated environment with multiple internal security zones. We need to be able to run our vulnerability scanning solution against servers in separate zones on a routine basis.It was simple to exempt the scanner's IP from the Threat Prevention stuff (created a new security profile group which alerts on everything instead of block...
Hi thereIm seeing NAT DIPP fallbacks quite a lot relating to a NAT rule, theres does not appear anything not working so im wondering if its somehting that im not noticing work. Ocasionally it feels more sluggish that it should when browsing web pages but thats about the only thing. There only one nat on the firewalls its set to fall back to an...
PANOS 6.05 inbuilt PAN certificate authority doesnt seem to have the ability to generate a certificate with subjectalternate value for UPN (user principal name e.g [email protected] ). This is the standard way that Microsoft embeds usernames (UPN format) into certificates, On PAN CA generated certificates you could set the username/samaccountn...
Hi ,Runtime bandwidth shows more than maximum egress value ? . What could be the reason Thanks
Hi, we are receiving these tries about SQL injection but our Palo alto is not detecting it. How can we do that PA detect this SQLi????? we have updated the threats signatures. Sql injectionGET /ficha-modelo?id=2&entidad=99999999%27%20oR%20%277%27=%277 HTTP/1.1" 500 59878 "-" "Mozilla/4.0GET /ficha-modelo?entidad=!S!WCRTESTINPUT000000%3C%3E%3...
I'm stumped. I've looked through as many pieces of documentation and discussions as I can find and I think I have everything set up correctly, but it's only half working. What I have is two PA-5050s in Active/Active. I have two routers on the outside, each has a L3 connection to both firewalls. I have two routers on the inside, each has a L3 ...
at the right-most column on the 'browsing summary by website/url-category' are the totals in hours or minutes?
I played around on our lab FW a bit but couldn't get this working. Here are my objectives:- Create a "White List" custom URL category that allows only a handful of web sites. (Working with URL Filtering profile.)- Log all permits (Working. I got this by setting Action to alert)- Create a "Black List" custom URL category that denies a bunch of "n...
Good Afternoon I have a request to look into a way a Level 1 - 2 Support Person can easily bypass a blocked URL. Be it by policy, a custom button on the response page, captive portal, or a combination of whatever might be needed to do so. Has anyone set something like this up? Is it possible? And what would be the best practice or best metho...
Hello, I have two questions.1.How many can I create url-filtering profile on 5050? 2. And I have watched as below output of cli on 3020,sylee@PA-3020-uquest(active)> show system state filter cfg.general.max* | match profilecfg.general.max-profile: 150 Is this count including all profiles(AV , AS , Vul , URL , File , Data)?If right, Can I crea...
| Subject | Likes |
|---|---|
| 4 Likes | |
| 3 Likes | |
| 2 Likes | |
| 2 Likes | |
| 1 Like |
| User | Likes Count |
|---|---|
| 7 | |
| 5 | |
| 3 | |
| 3 | |
| 2 |

