Captive Portal authentication as a replacement for Checkpoint Client Auth

Hello,

We're in the process of replacing a number of checkpoint firewalls with Palo Altos and we're looking at ways in which we can replace the current Client-Auth setup on Checkpoint where you telnet to the firewall directly, authenticate, and it the

session browser source=0.0.0.0?

seeing a lot of sessions in the session-browser with a source ip of 0.0.0.0 (in the internal "trust" zone) - these tend to be UDP protocols, RTP, bittorrent, skype etc and the session browser shows them not matching any rule or having any bytes.  Are

Test commnad on the nat policies

Hello,

I did an upgrade from a 500 model to a 3020 model. All the configurations work just fine. The problem that I see is that I cannot test the nat-policy rules. I have the following configuration:

..

snat-all-LANs {

        from inside;

        source

Original MAC Address of each interface on device

I have two Palo Alto devices and running HA.

When i run command on Active and passive device:

> show interface hardware

It only show the same MAC Address value of all interface.

I want to know original (physical) MAC Address of each interface on each d

What does not get uploaded in Config that needs changed via CLI?

We have a PA-500 that has a bad hard drive in it. We copied the config from the bad device and transferred it to the new RMA device they have sent us. on the GUI all the settings have transferred over just fine and nothing looks different. But when t

Protecting private clouds

We are in the process of testing the deployment of Internet-facing services into Azure, such that they are accessible from the public Internet via Azure but have a VPN connection back into our environment. Obviously in this scenario we must rely on M

Reputation score based policy? / URL-Filter w/o Threat Prevention

Question1:

We're in the middle of evaluating the PAN firewall 5050, and are generally impressed w/ what it can do, in terms of blocking & reporting, etc.

One feature we're looking for, but seems to be lacking is the ability to permit / block end users'

Generate Monthly Reports in Panaroma

Hi All,

I would like to know the process to create a monthly PDF summary report via Panorama. I can only create a days report. Anybody know of a way?

Rgds,

TJ

Google-calendar-base from iOS devices

Hi,

I applied an SSL decrypt profile and with no blocking configuration if decryption would fail. Now I notice that on iPad with IOS7.0.x the calendar from google is not working.

It appears in the traffic log as decrypted and the application is seen on

Palo Alto Software/Threat/AntiVirus Update Policy

Hi,

I am having an internet facing firewall which needs to be kept updated with the Threat/AV software.

I have configured the service route to use the correct interface for updates. However, it still cant check and download the required updates. As it

Have someone use Paloalto implement vpn with Avaya phone?

Hi All,

Have someone use Paloalto implement vpn with Avaya phone?

My customer want use Avaya phone connect to Paloalto,but Avaya phone use VPN client ,have somebody know paloalto support VPNclient ?

Best wishes,

Netfos Jim