Applications using non standard ports - Palo Alto best practice

Ok I'm pretty sure this has been covered elsewhere however I cannot find anything on it. 

Let me give you some background on the config: 

Currently using software version 6.0.5

SSL decryption in operation

Trust to Untrust traffic flow direction

Ok so I

What are these mysterious pcaps?

Hello,

I've noticed a boatload of application-pcaps - between 5-15k, on days where they are captured.  There are captures from most days, but not every day.

As far as I know, I don't have any traffic captures enabled.  All of the following show that ca

Block specific Shared Folder

Is there a way to block  access to a specific shared folder of a file server?

I need to block the Access from a network , but only one shared folder of a file server.

About 2 Terabyte Local disk limitation of Panorama.

Hi,

After VMware ESXi 5.5 or later ,the maximum supported VMDK size on an VMFS-5 datastore is increased to 62 T.

Does it mean that Panorama can utilize more than  2 Terabyte with local disk but not to mount a NFS partition ?

Have somebody try this ?

Be

Problems creating IPSec VPN to Cisco ASA

Hi,

I have been having difficulties trying to configure an IPSec tunnel between a PA500 and Cisco ASA.  I can get the tunnel up as it show's as green under the IPSec section however no traffic seems to flow through the tunnel and there is no connectiv

DNS Proxy doesn't work

Hi,

I configured dns proxy like have been deescribe on palo-alto but it doesn't work at all.

I made this steps:

1 - enabled dns proxy on l3 vlan interface

2 - set two dns servers to use

3 - enabled cache

But i don't see anything in dns proxy cache.

Maybe i

IP Renumbering - trying to avert a slow motion disaster

PAN-200

PAN OS 6

I am no networking guy, but he left, so there is me dealing with this.

We've embarked on a great project to renumber our IP addresses with very little thought in advance.

There aren't that many, we said. What could go wrong, we thought. 

ONE External IP to MANY Internal IP NAT

I believe I know the answer after looking around.

We have NATs that work fine when it is 1to1.

But what about  1 External IP that represents many Internal Hosts?  We have multiple websites that when you do a lookup in DNS, they all point to a singular

Server certificate verification failed

Hi there,

I wonder if I can finally resolve my continuous problems with GP and Windows machines.

I have 0 problems with Android and Apple devices but Windows XP,7,8 or 8.1 give identical outcome. Problems, Problems and more problems.

Please let me start

Has anyone been able to correlate performance issues due to the number of security rules present?

I was thinking about writing very specific security rules for around 15 hosts.  The rules would essentially whitelist traffic by destination ips and application.  I am somewhat concerned that adding this many additional rules could potentially slow t

PanOS 6.0.7 posible bug with dns_proxy

We have tested the new version 6.0.7 and have found a problem with the dns proxy. The service stopped working.

Best regards