Resolved! Replacement of PA Management Certificate

I asked this in a recent class (201/205) but the instructor wasn't sure of the answer so here goes: Can the management certificate be replaced? We use a private CA for internal sites, as well as public certs for some devices.

Thanks.

Resolved! ssl decryption with upstream proxy

We have a squid server behind our pa fw like this:

Client <-> PA FW <-> Squid Proxy <-> ASA FW <-> Internet

Decryption of site https://addons.mozilla.org adds the IP address of our squid proxy to the exclude-cache list and all following ssl connection

Resolved! Custom App Cloning

Last question for today (but thanks for the previous responses - you all are very patient with the newbies): Is it possible to copy application definitions in order to make a custom one? I was looking for a clone app process that would save time for

Resolved! How do I create a 2GB aggregate interface on PA-2050, not HA

All,

I have a client that wants to aggregate two sets of interfaces in vwire on a PA-2050 to create a 2GB etherchannel.  Is this possible?  If so, can someone tell me which document contains the steps to create this?

Thanks!

ejm

Resolved! About ftp passive mode App-ID insufficient-data

Hi All,

We find that if ftp runs passive mode and go through paloalto fw, in the fw monitor -> logs -> traffic, we'll see the application should be identified as insufficient-data.

I also find that there are just few bytes for every logs in the Bytes c

Resolved! Live site nav question

Newbie here wanting to know where to report site issues. I tried clicking on the info center link from the home page and got a navigation error. Thanks.

Resolved! User-id is causing High CPU utilization 4.1.11

Is there any hot fix? I understand this issue is still reappearing on recent releases and some recommends down grade to 4.1.10

Resolved! Exporting traffic logs via CLI - scp

Is there a way to group by source or destination address from the cli. for example:

scp export log traffic query "(port eq 514) and ( proto eq tcp ) and ( app eq insufficient-data ) or (app eq unknown-tcp)" start-time equal 2013/03/18@01:00:00 end-tim

Resolved! Top Destination List

Hi all,

From ACC when we look to Top destination and sort by byte we saw 2 abnormal value.What may this be ?

Resolved! 5.0.1.h1

what does this fix with 5.0.1, i noticed that it is not available for general download.

Resolved! SSL VPN with Client Certificate

Hello

I want to use SSL VPN with Client Certificate.

I will install CA server on MS Window 2008.

I know CA server is installed 'Enterprise CA mode" or "Standalone CA mode".

The Enterprise mode deliver Certificate to assist AD server.

The Standalone mode d