Some VPN packet is being dropped and particular counter increased and traffic slow.

Hello guys,

I have a issue about the IPsecVPN tunnel.  One side of IPsecVPN tunnel is slow for receiving traffic but opposite side is OK to receiving traffic.

flow_tunnel_activate                       2        0 info      flow      tunnel    Number of

Custom signature for Wordpress

I am fairly new to custom signature in Palo Alto, just so you are warned. I am trying to create a vulnerability signature for detecting wordpress.

The Get request will contain /? followed by 5 digits or more. User agent will be wordpress/ followed by

LAGG Interface Documentation

Is there any documentation about how to configure a LAGG interface in PAN-OS 6.0?

I’ve read through the administrators guide, and did a search on the PA documentation web site, and I couldn’t find anything.

Thank you!

--

Rick

In my PAN firewall, I can see a lot of spyware detection in Monitor tab.

Hi,

I can see a lot of spyware detected by PAN firewall. The threat is like- "Suspicious DNS Query (conficker:xtujyzyo.net)" .

Does anybody knows about this kind of issue?

Replace a panorama managed device with a new device (different model)

Hi All,

We need to replace old PA2020 (PAN-OS 5.0.10) that is managed via Panorama (PAN-OS 6.0) with new PA3020.

Referring to Panorama adminstrator guide 6.0, "How do I replace Panorama or a managed device in the event of a hadrware failure/RMA?"

Questi

Havex Malware

Hi all,

Do you have any information about PAN detection capability for the Havex malware family: http://www.f-secure.com/weblog/archives/00002718.html

Threat vault seems to produce no hits at the moment.

Tuomo

Split tunneling on iOS

Playing around with IPSec VPN on a PA-500 for my mobile users. On iOS, it's working fine with the built in IPSec VPN client, but split tunneling is not supported. I'm wondering if this feature is available if I use the GP client app instead of the bu

Commit fail error "Duplicate user name"

Hi. all..

I Have a question about User-id.

I am configured LDAP setting about PA-2050.(OS Version 4.1.9)

Sometimes I saw the messages about  commit fail error when I set up a user-id through security policy.

The error message is "duplicate user name".

I g

ipsec vpn issue

I configured ipsec vpn with palo alto to checkpoint.

pinging isp:

local/external ip(182.x.x.x) to peer ip(102.x.x.x) ping successful.

pinging local network to peer ip:

local pc(10.10.10.x) to peer ip(102.x.x.x) ping unsuccessful..tracert confirm drops on

Active/active ha config

Hi All,

my req:

isp 1 4mbps(untrust) ->pa 500a->(trust)cisco switch l3a->

isp 2 4mbps(untrust)->pa 500b->(trust)cisco  switch l3b->    same web servers but using  isp 1 &2 public ip's(redundancy purpose) to do static s-nat for web servers

external users