Ultrasurf Blocking Fail

Hi,

I am suferring from many failed attempts trying to block ultrasurf. i added the application to a deny policy on the top of my policies, but users keeps jumping to the allow policy. i tried to block unkown UDP/TCP apps, but it failed too. the applc

Who's using an MSSP for security monitoring?

We have a need for 24x7 monitoring, so I wanted to explore partnering with an MSSP vs. setting up our own SOC.  Anyone have experiences to share?

We'll probably start discussion with one of these partners, but wanted to get feedback first:

https://www.

Sipvicious.Gen User-Agent Traffic

Hello everyone,

This is my first post here. So i started a new job couple months ago and we have a PA 3050 . The daily reports is showing Sipvicious.Gen User-Agent Traffic coming from IP's all over the world.

Any ideas?

Thanks

PBR Monitoring

Hi,

In Forwarding tab under PBR forwarding rule, what interface usually Ping or monitor the IP Address in Monitor option?

Thanks,

MBS

UserID connecting-disconnecting

Hi, im having problem accesing to my PA (i think because of UserID). If i try with local user its ok but with my LDAP user is not working. The users cant access via VPN neither.

I can see a lot of events about "connect-agent" and suddenly "disconnect-

white list and captive portal

Is there a way to whitelist some URLs that would be allowed without or before authentication via Captive Portal?  What we are wanting to do is allow users to access email via Office365 without having to authenticate first on the captive portal.  This

On-demand ipsec tunnels?

Is it possible in the PAN to do on-demand vpn tunnels? This is used quite a bit in the Cisco world.. especially for vendors.

They often are setup so the tunnel is configured but when the vendor needs to connect for support, the end-user needs to conn

Route Cache

Hi,

We implemented PA3050 as internal firewall. We configured it as L3 and caters up to 200+ static routes. When we try to remove a single route in virtual router and commit, approximately 20 minutes before it takes effect. Is this normal in Palo Alto

PAN OS and TACACS+

Hi There,

Is it possible to tie together a PANOS and TACACS+ for authorization of commands? If not, how it possible to restrict access for some cisco network equipment? Any ideas?

QoS based on DSCP marking

We have Mitel IP phone systems deployed across multiple IPsec VPN sites

The voice packets are marked EF (DSCP 46) and signalling packets are marked AF31 (DSCP 26) automatically by the IP phones and PBX.

Under QoS policies, there doesn't seem to be a wa