Placing valid Panorama management SSL certificate using internal CA

Using Panorama 6.0.0

Followed the work instruction here:

How to Generate a CSR and Import the Signed CA Certificate

I create the certificate signing request populating all required parameters

I am using Venafi for certificate management.

Venafi enforces

How to show interface running speed ?

I want to know the command to show "running speed" of interface include physical and "ae" interface ?

Please help me

Thanks

User-id don't read security log

I have several domain controller configurated on user identification configuration  in a Palo Alto with 5.0.8 version. Just one of them seems to function properly and if I use the command "show user server-monitor state all" I obtain this:

Server: CD0

How to handle email alerts

Hi Everyone,

After firing up my new Palo Alto IDS, I turned on the ability to send emails for medium, high and critical threats.  However, when hundreds of threats are detected in a short window, I get hundreds of emails.  All of them are about the sa

DNS query responses do not travel through a firewall in Windows Server 2003

Is anyone aware if this issue, http://support.microsoft.com/kb/828263, is an issue with Palo Alto firewalls.  We are having an issue with smtp and want to eliminate if its a DNS query response issue with MX records.  The microsoft KB article only ref

SSL Decryption

Why we need a certificat to implement SSL decryption, can we do SSL decryption without a certificat I really didn't understand why we should implement a certificat, for example facebook has already his certificat so wy can we detect the facebook flow

Possible problem with FQDN adresses in security policies

Helo

I have few policies that uses FQDN adresses as a sources. Today one of my friends try to conenct to serwer with putty - but he can't connect.

He used modem with dynamic IP but he used dyndns.org service and I have in policy his domain name.

I also

HTTP DDoS attack block signature

I need to know how to create a custom signature to block HTTP DDoS attack signature against our Web server.

The common pattern I can observe in the attack is - either (1) Automated specific URL access  or (2) URL access request with Cache-Control: no-

Group HA Peers are out of order in Panorama 6.0

When I select the "Group HA Peers" in Panorama 6.0, my Active firewall in the pair shows up underneath the Passive firewall in the "Managed Devices" display.  Also, the Active firewall shows up in the parenthesis instead of the Passive firewall.

Does

Blocking WebCam Traffic

Hello All,

I'm sort of new to the Palo Alto firewall world, I had a question about blocking traffic to those adult free live cam sites, I dont want to block skype or facetime or anything simliar. All I really want to do is block specific traffic from

allow Skype and Block Skype VoIP and file sharing

Hi

I've been asked if I can use our Palo's to allow skype messaging only and block users to make calls and send/receive files using Skype.  I already seen some discussion saying that this is not possible but i'm wondering if paloalto comes with someth