General Topics

Resolved! PANORAMA MODIFY EXPAND STORAGE

Hello,

I have installed a panorama with extended disk of 1TB and now I want just use 500 GB.

I can reduce the size of my virtual disk without reinstall the system??

thks for your help!

Resolved! About policies PA500

I want to know because when I make a change in my PA500, I get the following:

- Rule 'Accounting' shadows rule 'User'

- Rule 'Shopping Paniagua' shadows rule 'portable users'

Thank you very much

Resolved! Any way to Manually Sync LDAP Group Mapping?

Is there any way to manually sync the LDAP Group Mapping/User Identification in Palo Alto? We have the sync interval set to 4 hours, but there are times where would would like to sync manually.

Resolved! How to detect DNS TXT messages

is it possible to detect and furthermore block DNS TXT messages via a Threat Signature?

The goal is to disable DNS Queries regarding TXT resource records.

Not sure if the context dns-req-section does the job...

Did anyone ever try this?

Thanks!

Stefan

Resolved! Difference between gtalk and google-talk?

In todays content update one can read:

"

Modified Decoders (6)

      Name

      gtalk-p2p

      ipsec-esp-udp

      jabber

      ssl

      google-talk

      oracle

"

How come gtalk-p2p isnt named google-talk-p2p or is gtalk something else?

Yeah I know thi

Resolved! PCI and WSUS

I need to create rules for a PCI firewall for a WSUS server. Microsoft does not publish IP's for their update points so this is problematic on a PCI firewall (or it seems to me). I can either:

1) create a rule which allows the server out to "any" usin

Resolved! Captive Portal Certain AD-Users

I have a unique situation.  Currently, I have a 10,000 + user based network and implemented Captive Portal Policy. We have certain AD accounts that auto login with certain machines. We want to always captive portal those certain logins.  So I am want

Resolved! help to configure a DMZ and NAT

hi,

i need a little help to configure a DMZ. here is our situation:

interfaces

ethernet1/1 - 1.1.1.1 (public - NAT clients)

ethernet1/1.1 - 1.1.1.2 (public - NAT DMZ)

ethernet1/1.2 - 1.1.1.3 (public)

.

.

ethernet1/6 - 10.10.30.1 (DMZ)

.

ethernet1/8 - 10.10.20.

Resolved! Aggregate Ethernet interface: LACP and PaGP support

Hello, Everybody,

we would like to aggregate ethernet interfaces of our PA-5050 (4.1.7 PANOS) in order to have a redundant physical connection towards our Cisco Catalyst switches.

Sound like LACP is not working with PAN and we had to set PaGP, which, o

Resolved! Untagged sub-interface doesn't support in OSPF on v4.1.6.

Hello,

Cause untagged sub-interface does not support in OSPF routing from v4.1.5. If I have that configuration usage in firmware before v4.1.5 (v4.1.1). What is the right way to configure OSPF area interface, if I want to keep IP address(subnet) of th

Resolved! URL/Application Blocking

Hi Guys,

Just wanna ask a few question. I was testing out the URL and Application Blocking. I was trying to block the facebook-chat, facebook-posting, etc.

to cut the story, I want to block the applications inside facebook but not the whole website. sa