SSL Decryption

Hey

why PA doesnt do SSL Decryption for this site: WeTransfer

i can see PA is recognizing it as this application: wetransfer

but ican see the original Go daddy ceritifcate in the browser windows, and in the PA logs i cannot see "decrypted" on this traff

iPhone Applications

I have turned on SSL Decryption for my organization and am now receiving reports that iPhone/iPad applications have stopped working and there is nothing in the logs.  To test whether the PAN firewall was the cause I contacted a user and put in a poli

VoIP Traffic, strange behavior, need help to understand please.

Greetings All,

I have an issue where we are seeing some strange issues with VoIP traffic.

Device:  PA-2020

S/W Version: 4.1.9

VoIP Provider:  Foehn IP Telephone systems.

Latest Application version.

A new VoIP system has been deployed which has SIP traffic

Trouble decrypting Google traffic

Hi,

we have some trouble with a lot of Google sites when we enable SSL decryption and also enable CRL and OCSP checks. We either get no response at all, or error messages like the one in the attached screenshot. If we disable the CRL/OCSP checks (whic

Update 377-1826 breaks youtube-safemode

Just a heads up - it appears that update 377 has broken the detection of youtube-safemode, with everything being detected as youtube-base  ; revert to 376-1817 appears to resolve the issue.

policy and security profiles

heyy

i tried to troubleshoot some traffic behaviuor, an i created a rull without any security profile and with application overide.

when i run those commands to look at the traffic i found this.

admin@PA-500> show session all filter destination 147.235.

dependency warning - how to force it?

Hi

I'm bit confused about dependency ...

During commit i have:

    vsys1: Rule 'XXXXXXXXXXX' application dependency warning:

     Application 'gmail-base' requires 'imap' be allowed, but 'imap' is denied in Rule 'Scholastycy - deny rest'

     Application

Problem to identify a user with accented character

Hello,
I have problems to identify an AD user whose name contains accented characters:
User "SépotF" recognized as "sépotf"
Any suggestions?

Thanks

ICMP reply size in 4.1

Is it possible in 4.1 to limit the size of icmp replies or strip any payload in order to discourage tunneling via ICMP ?

Can I use Radius Accounting or Diameter as source of rules in ISP network?

Hi,

I want to install the PA in my ISP net as transparent bridge, I'm looking for a way to configure the machine to get an IP address & then translate it via Radius acounting / diameter protocol to the user info.

Do you know how it can be done?

How is