Resolved! Captive portal with Client Certificate Profile and fallback to radius/kerberos

Hi,

I have the following use case for a large customer :

1/ Captive portal authentication with client certificate profiles.

2/ When the client has no valid cert, an authentication fallback mechanism is required with username/password ( radius or kerbero

Resolved! Virus definition upgrade server issues - anyone else?

Hi.

I've just noticed that my PA's can't download the latest virus upgrade from Palo Alto.

Every time I try, I get "Failed to download due to server error - please try again later".

I've been getting this error for several days now - is anyone else seei

Resolved! 4.0 to 4.1 Upgrade Path

I have 22 firewalls plus Panorama that I am looking to upgrade from 4.0 to 4.1.x. Part of this will also require the upgrade of the User-ID Agent on a few servers.

I have seen a few threads saying that Panorama needs to be a higher version than the fi

Resolved! iOS 6 and IPSec VPN

We have iPad 3's with IPSec VPN working with the Palo Alto 5020.  We upgraded one iPad from iOS 5 to iOS 6 and now the VPN is not working.  I know iOS 6 just officially came out this morning, but anyone else have this problem? Here's what I'm getting

Resolved! Add second ip to tunnel interface

Hello All,

I am wondering if it is possible to add a second IP to a tunnel interface. I want to add some extra IPs to a tunnel interface (/28 subnet). To allow a remote party to connect to some servers in our internal network using NAT over IPsec tunn

Resolved! File Blocking and the Continue Action

Hello,

I understand the main purpose of the continue action, and the additional level of effort the end user must take to ensure they intended to download a specific file.  Can anyone verify that the continue feature works if someone was trying to upl

Resolved! Can't get internet access, routing problem?

I have worked with many different types of firewalls, but this is my first time with the Palo Alto 5050. Currently I have a basic configuration, a single internet connection and a VR with a default route, properly addressed interface, policy that all

Resolved! Does the current PAN-OS support public-key site-to-site VPNs?

Hi all!

Going through the documentation and forums, it doesn't seem the current Palo Alto PAN-OS support public key site-to-site IPSec VPNs. That is to say, there's no support for certificate-based IPSec VPNs like the Cisco ASA has.

Are there any plans

Resolved! Malware Site blocking: 94.102.55.20

Hello forum,

I am seeing traffic to a particular IP address from one computer that I know has been infected with a virus (we're busy getting rid of it). The connection is SSL and we are about to implement SSL decryption on our Palo, just not this sec

Resolved! URL FILTER QUESTION

So I have a URL Filtering Profile and I have entered a site that I want on the allowed list (play.typeracer.com).  See screen shot below:

When a user that is listed under that profile tries to go to the said site (play.typeracer.com) they get blocked.