How to disable the use of SSL compression on HTTP-TLS interfaces on the device.

Dear All,

Please help me on this issue. The IT Security Audit team has scanned the PaloAlto Firewall PA-2050 and they found this vulnerability:

*********************************************************************************************************

625

Securing IPSec VPN tunnel

Recently we are planning to roll out potentially hundreds of IPSEC VPN tunnels at our customer locations to access our own remote devices securely over the Internet. However, we don't have good control of physical access to these remote VPN devices m

Weird thing custom report

Hi there,

One of my custom reports is Top Users Last Month. The report gives 500 top users sorted by bytes. It worked just fine every month for almost a year now. For the last month (november 2013.) there is one user with over 2.6 milion terabytes of

How to monitor and alert on sessions

HI,

I was wondering if anyone has done session monitoring on the network and management interfaces and then alerted as of when a threshold was breached?

I would like to do this for TCP and udp sessions

If you have what network monitoring solution did yo

What mean is 'no destination zone from forwarding' on global counters?

Hello,

I failed to install FWs to custom.

The FW was L3 mode with two interface(untrust , trust).

When I installed inline, from untrust traffic did not go through to trust.

Destination IP was just trust zone. In addition, FW did not have nat , vpn and pr

Captive Portal - NTLM without webform

Hi,

I have PA 5020 running PAN OS 5.0.5, I've got user identification working fine using an agent, however when users transition between the wired and wireless networks sometimes they lose internet access momentarily as the agent hasn't picked up a lo

Additional disk on PA-VM Series

Hi,

I've found information that it's possible to conect additional hard drive on VM-series PA  machines for logging. Does anybody know how to do it ?

Thanks in advance for help,

SP

how to block access to firewall

Hi .

How to block access to firewall ?

i have PA on public IP adress, but i want allow access only for 1-3 ip address.

i need to add this addres in DEVICE--> MANAGEMENT -->MANAGEMENT INTERFACE SETTINGS in Permitted IP Adrress

or

create a policy ??

Global Protect and proxy

Hello,

I'm using global protect to connect to some of our customers (using dual factor authentication).

Inside my company, Internet access needs to go through a proxy.

Because the proxy asked for authentication, we create exception inside the corporate

The connection status on global protect agent was not changed from 'connected' to 'not connected'.

I am glad to meet you.

Some users was done time-out on global protect. The tunnel was expired.

But GP Agent status was ‘connected’ not ‘not connected’.

Why was not the connection status on global protect agent changed from 'connected' to 'not connected