Resolved! Problem with interzone U turn NAT

Hello,

I followed the instructions in the paloalto "understanding NAT-4.1RevC" pdf for implementing U turn NAT.

It works when I try to access a server in the DMZ from the trusted zone via it's public untrusted IP.

I have now a web server which somehow t

Resolved! Physical connectivity validation on passive device

Hello,

We use vsys on our PaloAlto cluster. During a new vsys deployment, I would like to validate that the passive device's physical connectivity to a switch is working.

But I don't wish to launch a failover just for this, because it could impact the

Resolved! GP agent takes 30 seconds to connect

Hello

We are currently testing the GlobalProtect VPN client. One issue that bothers us is that the GP agent takes more than 30 seconds to connect to the gateway. Is that really the time it takes to establish a tunnel? Our earlier PPTP solution took 1-

Resolved! How does the firewall work when they received unknown-user's packet?

Hello, Guys. Nice to meet you.

I'm testing User-ID in PAN OS 4.1 and USER Agent 4.1.

There's something curious situation during my lab test.

I've deleted all ip-user-mapping information with 'clear user-cache all'.

So all users is unknown to firewall.

But

Resolved! Vulnerability

When you add a custom vulnerability signature to the Palo, is it added to the default vulnerability profile by default?

Resolved! Inbound SSL Inspection with mis-matched certificates (or SSL handoff)

Hi,

I'm kind of expecting a no to this question, but I noticed whilst setting up inbound SSL inspection for a client the other day that if the Cert on the Palo Alto and the cert on the SSL web server do not match then the firewall will refuse to decry

Resolved! Can anyone explain this vulnerability in more detail "Service Enum Through SMB ServiceEnum2"

I am trying to find more detail on what this vulnerability is and what could possibly be triggering it in a Windows Server environment.  I am thinking that it might be a mis-configured service or application native to Windows Server but looking for a

Resolved! Can the PA firewall join an AD domain?

Is it possible for the PA firewall to join an AD domain?

Resolved! PanOS 5.0 User-ID Redistribution

So a new feature within 5.0 is to allow a PA to act as a user-id redistribution point for other PA's. Has anyone gotten this to work? I tried testing this out, but I am not seeing how to configure.

I setup our core PA's to act as a redistribution poi

Resolved! Settings for getting Hyper-V working in PAN

setupHello,

I have been struggling with this all day, and I think I have it narrowed down, but can't seem to nail it down yet.

I have a test Hyper-V 2012 server in the data center, and all my services are working properly, except being able to connect

Resolved! Receive time of logs ("Traffic Log") in a custom report

Hello all,

I've created a custom report for gettings logs (from Database "Traffic Log") and I need the exact receive time for the entries.

Unfortunately, there is no such column to choose from. The only column that contains time information is "quarter

Resolved! L3 setup for DMZ link

I currently have the following setup.  Two PA's in active-passive with an L3 interface configured with zone DMZ-Web connected into a single switch.  That same switch is connected to a VM host that is also in an active-passive configuration.  The prob

Resolved! Can I use PA Policy Based Forwarding to forward user Http and https port traffic to a squid proxy server (tcp port: 8080)?

Can I use PA Policy Based Forwarding to forward user Http and https port traffic to a squid proxy server (tcp port: 8080)?

Resolved! ISP Support

Hi,

Just want to know how many ISP does Palo Alto supports?

Thanks in advance.

Rex