General Topics

URL Blocking

How can I add some sites to the list of blocked URLs that PA downloads into my PA-500? I know I can block them manually in my PA, but I feel that the PA tech support staff should know about these sites. I will give you and example that my students fo

Internet logs, backup and review

Pardon if this is a repost but I am new and could not find anything similar.

Right now our 3020 unit seems to only be getting 4 or 5 days worth of log information before it fills up.  We would like to have access for the last 30 days if possible.  Is

Whitelist rule - confusion on URL filtering...

We have a whitelist rule that allows out http/https as a service and "any" as the application.

All the URL categories in the profile applied to that rule are set to "Block" and there are some URLs in the whitelist.

The destination address is set to "an

How reverse route injection can be accomplished in PaloAlto?

Hi All,

What is reverse route injection is used for in Cisco or any other devices?

How this can be accomplished in PaloAlto?

Thank you,

Gururaj

Panorama 6.0

we recently integrated a PA-500 (4.1.10) into PANO 6.0 and we've started seeing OSPF flapping. Has anyone else experienced this issue? It looks like the Management cpu will spike up to 100% when communicating to the PANO and then we lose OSPF. This P

Global Protect Portal

Is there anyone out there running client VPN and managing it through the portal on PAN-OS 6.0.1?  I keep getting the error stating that I need a portal license.  I have the same setup on another Palo on version 5.0.8 and it is running without a licen

Can Global Protect use multiple methods of Authentication?

Is it possible to setup Global Protect to use Windows AD authentication for a subset of our VPN users, and Radius for the rest?  I'm assuming this is not possible since you can only set one Authentication Profile under the GlobalProtectPortal, but if

Mcafee Application Object

Has anyone noticed the Mcafee Application Object is using the wrong ports, or do I have something wrong?

• McAfee update protocol for distribution of signature/pattern updates. tcp/3025
• Mcafee-update tcp/8801

These are all the ports Mcafee leverages (outs

Is it recommended to upgrade to PAN-OS 6.0.0?, Is it stable?

Is it recommended to upgrade to PAN-OS 6.0.0?, Is it stable?

Not able to access the URL

Can anyone please help me categorized the below URL into Malware Sites

http://203.197.123.30/clm/clmhome

Please advise.

CLI Scripting to implement missing commands

Hi,

in my opinion some commands are still missing in the PanOS CLI. I miss some features implemented in my conventional firewall to handle the policy rule  set efficiently.

Some other vendor has the possibility to use so called op-scripts in the CLI.

Best Way to use User-ID Agent.

Hey everyone,

I have been bashing my head onug how I can cleaninly use the USer-ID agent.. I wanted to stop WMI or event exclude internal vlans as I thoht it was used just for VPN. But its not its used to map source user info in the log files of the f