Did you know that you can help your fellow community members by accepting solutions when a reply answers your question Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature
...
All,
I am using a microsoft CA to issue machine certificates for global protect authentication. All is working, but the downloading of my internal CRL. Is there something I need to configure besides checking the "User CRL" option in my certificate p
Hello,
Is it possible to use client certificates for both AD and local users for global protect? I have a working authentication sequence, but have a requirement to use client certs. If it is possible, would it be better to generate the certificates
...
HI,
we have detected that we are suffering a scan of all servers in our DMZ, the IP source is 151.236.14.140, on port 443.
How can we avoid this kind of attack or prevent it??
Thanks
Anyone got GP to work with OSX 10.9? Do we need to wait for an update?
Thanks,
E
Hi,
I want to create a report based on the predifined canned report HTTP Applications. I have tried loading it as a template and it doesn't show up in the list of templates. I have also found it in the CLI as top-http-applications the output of whic
...
Hi
I moved my email serwer from untrust to DMZ. Everything almost is working fine, almost ...
This server has ftp and webmail function too, so my security rules looks:
I checked on aplipedia for aplication smtp and pop3. Accroding to aplipedia smtp uses
...
Hello Guys,
Have anyone of you noticed something regarding torrent(bittorrent, transmission..etc..)?
We received a report that a torrent app which is transmission is able to evade the app detection of Palo Alto NGFW.
I tested it in my lab, I use Bittorr
...
Hello,
Does anyone have a document confirming the expected behavior from PANOS 4.1 regarding the TCP Sliding Window checks when the L7 scan is completed (hw session offload) for TCP session?
Thanks
Any one know the best what to migrate this configuration from a Cisco ASA 5505 to a PA 3020 here it show run information for the interfaces from the ASA 5505
interface Ethernet0/0
switchport access
vlan 900
!
interface Ethernet0/1
switchport access
vl
Hello
I made a CSR. Got my Cert and did the stuff mentioned in the "how to chained certificate", Copied the intermediate on top of my cert.
but the PA-500 did not accept it. okey i tried it without the intermediate cert text - and it worked. Request is
...
Hello all,
Yes its youtube again, for a while now youtube has been working fine since we turned on the safety-mode feature and forced students to select safe-mode.
But this week they have been complaining that not all the videos work.
I have looked at t
...
Hello
I have made qos configuration.
I have questions when am checking qos.
Look at the following command
show qos interface ethernet1/1 hw-counter
qid name pass bytes WRED drop policing drop
------------------------------------
...
Hi,
Is it possible to have VPN connectivity established from a Windows 7 machine to a Palo Alto device using dail-up method. We need to login to the domain directly while we require a VPN connection.
I have globaprotect working but I didn't find any wa
...
Has anyone been able to successfully set up captive portal +Apple iOS devices + client certificates? I have all of this set up but running into a slight issue with iOS devices(works fine with Windows devices). On the iOS device, when opening the Saf
...
I have been researching Dynamic IP NAT, and have found the option to configure Dynamic IP address pools to reserve IP addresses for translation. Taken from "Understanding and Configuring NAT Tech Note":
Reserving IP Addresses
Dynamic-IP address pools c
...
BPry
on:
Making a dataplane interface behaves as a management interface
Raido_Rattameis
