Resolved! Any idea about 3rd party verisign certificate with GlobalProtect ?

We were using sslvpn with PA 's certificate.Now we bought 3rd party cert. from Verisign and imported it as using server certificate

But Global Protect gives an error as "Protocol Error: Check server sertificate"

I have searched KnowledgePoint but could

Resolved! TAP Mode and IPv6

Hello Everyone,

Is it possible to monitor mirrored IPv6 traffic in TAP mode?  I have a PA-500 and it has been enabled for IPv6 firewalling.  Apart from checking this option, is there anything else that has to be done to monitor IPv6 traffic?  If it is

Resolved! External CA Management Certificate

Hello

Is it possible to use an external certificate from our corporate CA for the SSL Management Interface of the firewall?

I have already Imported it, and the corporate root certificate, but I don't know how to change the management interface configur

Resolved! Combining policies from different virtual systems

So we are migrating from ASAs to PA 5050's.  We are trying to do it with as little interruption as possible so what we did is put the PAs inline behind the ASAs using vwire.  Our thought is to build our 4 environments as separate virtual systems in o

Resolved! Firewall Configuration Essentials 101 Exam Retake Help

The end of last year I took the Firewall Configuration Essentials 101 v.4.1 exam. I didn't pass so I've spent some time studying and playing with Palo Altos. I returned to retake the exam and it doesn't show up under pending evaluations and I request

Resolved! Blocking lists of IPs

I'd like to block a list of IP addresses based on the ZeuS IP Blocklist.  What is the best/preferred method for doing this on the Palo Alto?  Thanks

Resolved! about control softether

Hi All,

We would like to control softether with PA5020 which runs PanOS 4.1.10, but we can not find keyword "softether" in the applications.

Anyone knows how to control softether in the PA fw?

Thanks.

Regards,

Joy

Resolved! Manually trigger a logevent for a threat or a rule?

There is a test-command one can use in the CLI to identify which security policy a specific packet will hit.

But is there also a command to issue a log-event?

For example when you are about to manually configure triggers in your logserver to react on -

Resolved! Need help with BGP in Active/Active HA

We have a pair of 5520's in Active/Active mode at a colocation facility.  The colocation facility is handing off to us 2 separate LC fiber connections, each has it's own public /30 address but utilize the same AS number for our BGP.  We have a /24 fr

Resolved! The hunt is on - 0day for java 1.7u10

How many hours/days will it take for:

1) Wildfire customers

2) Regular customers

to get protected by a threat-db update regarding the latest 0day exploit for java 1.7u10 (and possible java 1.6u38) as descibed in:

Malware don't need Coffee: 0 day 1.7u10 s