Resolved! PA-2000 HA Timers

Currently if I hard power down my primary firewall it takes about 6 Seconds for the secondary to take over, a bit slow really.

Changed most of the HA timers to their minimum, just checking to see if there is any other configuration that can be changed

Resolved! Using ISA for OWA

Hi All

I'm looking to replace our Fortigate 110c with a new PA-500 and I've managed to write the security and NAT policies which when tested seemed to work well apart from OWA.

We have an ISA 2006 server which publishes OWA and OMA on a public IP and h

Resolved! Session timeout

Hi All,

i want to ask about session timeout setting in palo alto.

if we create policy to allow traffic from trust to untrust with service http (custom http port 80)

1. what is default session timeout for http traffic?

from my testing it will hit web-brow

Resolved! Control OWA

Hi

I want to stop our users from accessing company email from their home (non company supplied) PCs using OWA. I still want to allow access to our email systems through webmail/https

Can this be achieved by app filters (MAPI, Active sync) OR do I need

Resolved! nat in vwire mode

how it can be possible ??

how can we apply the NAT in the vwire mode

Resolved! CERT_DATE ERROR SSL-VPN Global Protect PanOS 4.1

Hello,

I configured the VPN-SSL on PANOS 4.1 using the "Configure Global Protect tech notes" document and the migration from Netconnect to Global Protect. Following these manuals I got this error.

(T5448) 01/19/12 12:21:10:825 Debug( 392): CPanHTTPSess

Resolved! Seperate policy for IPSec VPN and SSL VPN?

So I would like to have different policies based upon what device a user comes in from. If they use Globalprotect with HIP checking, they are given a less restrictive policy. Where as if they come from an iphone with ipsec, they are given a more rest

Resolved! Mac GlobalProtect = Detected another instance

I just setup SSL-VPN access on our PAN-2020s and downloaded the latest Global Protect Bundle that was released on June 20th, 2012 - v. 1.1.5.  I logged into the portal in my mac and installed the version for Mac running OS X 10.7.4 (64bit) and once t

Resolved! Captive Portal - identify user with certificate

Hello everybody.

I have a question regarding captive portal user identification.

As everybody know user like Mac, iPhone, Android are difficult to identify and manage without insert credential in captive portal.

For wireless policy in all my company dev

Resolved! When a license expires, does it expire at 00:01 of the listed date or the 11:59 of listed date?

Also, is there a reason why the URL database has to be dumped immediately after the license expires? Just like with Apps and Virus definition, would a customer not be entitled to use the last URL DB downloaded prior to the license expiration?