PA random packet captures

I've noticed that our 5020 is taking (what seems like)random packet captures.  I searched this forum about this, and have read that the PA does do packet captures if the traffic is identified as "unknown-tcp" and "insufficient-data".  The traffic I s

SSL decryption - File blocking problem IE v8

I have a file blocking policy defined to block specific attachments via external web mail portals.  I get correct matches for the application and also get successful SSL decryption.  My problem is that Internet Explorer v8 clients can still send the

Global Protect Routing

I just recently setup GP and I'm in the testing phase. My tests are failing. The very first time I connected I could ping out to the internet, I could ping devices via IP address inside our network (behind the firewall), and I could ping via hostname

Invalid username/password with LDAP for Captive Portal

Running a PA-500 on software version 5.0.2

I was wondering if anyone could point me in the right direction, I'm trying to get a captive portal working that using LDAP groups to provide access through the policy.

The LDAP servers are configured ok, as I

static nat + intrazone u-turn and interzone u-turn at same time

I'm currently having problems on PAN OS 5.0.1 replicating a standard Screenos MIP configuration. Whereby static nat and interzone/intrazone u-turn nat are all active at the same time.

We have multiple zones (5) all of the hosts inside each need to be

global protect internal

Hi

Can anyone give me some feedback on how to configure my globalprotect client to register/connect when on internal LAN? - so I can help my pan-user agent tag what users are connected

Thanks

GlobalProtect new Version (1.2.3?)

Hello,

do you know when the new GP Agent will release? We expect some debug fix, regarding our certificate problems...(PaloAlto Support is informed about).

THX

Zone protection reconnossainse protection

Hi,

I am testing "reconnossainse protection" feature on a PA-200. I built a reconnossainse protection profile over zone protection tab and I mark over "reconnossainse protection" and I checked "tcp port scan", "host sweep" and "udp port scan" (with de

LDAP and User ID

Hi,

I am beginner to palo alto networks.

I am working with user id concepts.

My task is to get User - IP mapping from Active directory to PA device.

I am running Windows 2008 Server.

Can anyone help me , how to configure LDAP in it and get the user - ip m

Vulnerability Protection CVE-2013-0431

I've spend some time on testing vulnerability protection on the PA firewall. The protection engine did a good job, but there is no protection against CVE-2013-0431: Java Applet JMX Remote Code Execution

I'm running PANOS 5.0.1 and Version Application

Reporting Question

Hi Folks,

We are about to go through an internal audit and it has been requested that I produce a report about the threats that have attempted to come through out PA-5020, how many were blocked and confirmation that it was indeed blocked.

is there a re