How to get the client's IP address with x-forwarder-for in PAN.
How to get the client's IP address with x-forwarder-for in PAN, I need to create something to caputure this part of HTTP header?Thanks.Patricia.
How to get the client's IP address with x-forwarder-for in PAN, I need to create something to caputure this part of HTTP header?Thanks.Patricia.
Hi. I'm looking for information on what the Default Threat actions are. Is there a list or a database where I can find out how each Signature ID is handled by Default??Many Thanks
Does anyone know how to specify your traffic logs by vsys and add multiple search parameters of the same type like you can in the gui? We are running PanOS 4.1.7. Notice that the app option does not show up anymore and and there is no vsys option.PA-1(active)> show log traffic action equal deny app not-equal not-applicable + csv-output cs...
Hi,I'm having issue with configuring NATing for my Polycom unit sitting behind the firewall to work. I have allowed all the required apps for Polycom to allow outgoing and incoming. My issue is when I can only call out to another party with public IP but can't receive call from outside the network. I have both NAT rule for both ways in place....
Hi All,Is there any way to custom certificate expired date that generate by paloalto itself ? I saw it on webpage that is too short, it only have six monthes.Thanks.Regards,Joy
Hello,We experienced a problem with a specific SSL encrypted site: https://panakeia.infoman.de/The original certificate is issued to "*.infoman.de" and was issued by Go Daddy (--> InfomanCert_Original.png). It seems to be perfectly valid but still our PA-2050 thinks different and presents our internal clients a SSL certificate issued by our "...
Hi all,I need to reassure me on a simple configuration.Is it possible to do this configuration?IP interface 1: a.a.a.a / xIP interface 1.10: a.a.10.a / xIP interface 1.20: a.a.20.a / xI ask this because I've seen a few configurations and whenever subinterfaces were used, there was no IP on the physical interface.Thank you in advance for your ret...
Hello,I'm seen hits for the JS/Trojan.iframe virus only since last Wednesday or Thursday. Have seen them associated with three different websites. I suspect false positives. Anyone else out there just started seeing these? Was the virus definition modified last week?ThanksEric
I was looking at the new specs for the 4.0 code of the iPhone OS, and saw that they were opening up the SSL VPN function to Juniper and Cisco.Any chance Palo Alto is working on a NetConnect app for the iPhone?http://www.apple.com/iphone/business/preview-iphone-os/
We are starting the initial rollout of Microsoft Lync clients. Has anyone setup QoS for Lync on the Palo Altos? Any issues to look out for that anyone has run into? We have 6 sites that will eventually have Lync clients and I want to make sure the user experience is good. Any feedback would be appreciated. Thanks.Dan
I am trying to establish a policy to send all traffic based on bittorrent through a specific ISP.However, when I add any application under the destination application, I get the error: application 'bittorrent' is not an allowed keywordapplication 'bittorrent' is not a valid referenceI noticed that not all application are available to use in the ...
Kind of as per the subject really. I'm interested in using User ID so that only authenticated users have internet access, but I'm not sure quite how "real-time" it is?Someone comes in and switches on a computer, logs onto the domain, tries to browse the web - will the Palo Alto know so soon that they are now the user logged onto a particular PC...
Hi,Can anyone explain what the option "pre-logon" means as a value for source-user in a security policy?I can't find anything about it. Not in the build in help, the admin guide nor the CLI reference.
I have got a tunnel set up successfully to Azure but have had to specify the peer identifier by IP address which will not be very stable. Azure support advise that the peer identifier set by azure is dynamic and that some firewall vendors (Cisco, Juniper) do not require the peer identifier to be statically set. On Palo Alto I got:ike-generic e...
I have question and I am not sure if I am posting this in the right place. I am also new to Palo Alto firewalls. I have a lot of experience with Cisco and SonicWall so you'll have to excuse me if I sound a little ignorant concerning Palo Alto at the moment.This is my question/problem. I have a single subnet on my network that seems to be having ...
| User | Likes Count |
|---|---|
| 4 | |
| 4 | |
| 3 | |
| 3 | |
| 2 |

