Hello~ Guys~I'd like to know Passive Mode in IPsec. Anybody Help ME~~~Thanks in advance.Have a nice day~~~
Hi,I know PA support countries as source & destination address by IPv4.How about IPv6 address?Tomi
Our users are getting on a regualar base phishing mails in which they are asked to fill in their username and password by clicking on a link.We don't have the URL categorizing license but are using URL filtering via custom URL filtering and that works fine (most of the time). We put the links of the phishing mails in the custom URL category with...
Hi We have a Cisco VCS-C on the inside network and a rule created on our PA to allow all traffic to the VCS-E which sits on the public facing network. I'm finding my calls to H323 or IP addresses are randomly disconnecting after a period of 50 minutes.I've checked with Cisco and they've said to check my FirewallHas anyone any experience with PA'...
Hi all!I config PA to decrypt SSL traffic.I test traffic Https on gmail, facebook, it okBut my yahoo and google driver client can not connect to servers.This is my config.Pls help methanks
If I only had my personal experience and the amount of chatter on the support forum, I'd say that the PAN OS is buggy. Is there more comprehensive information available on bugs in the various releases, like Cisco's Bug Toolkit? I'd like to make more informed decisions on when to take the plunge into the next release.Thanks,Mike
We have user-id-agents on ou core DC's and all our local DC's (across the WAN). We receive reports with high SMB traffic polling from the core DC -> local DC. Anyway to eliminate or reduce?
Hello,Since I have updated my active/passive cluster with latest Application and threat content (version 339, released yesterday), some ssl traffic is now recognized as "tor" application.This traffic is only ssl, not tor.Is someone else have this problem ??I have 2 PA-4020 version 4.1.9.I open a case for this with my network integrator.I returne...
Hi All,Test with PA 5020, with PAN OS 4.0.11 with tcp reject non syn disableTraffic generate from 50k IP Source and 1 IP DestinationCan anyone give explain about why in small packet (64 bytes) test in Spirent, there is no result ?Or someone already test it?Thanks.
Hello,I'm trying to setup my PA-500 (running PAN-OS 5.0.0) to e-mail me reports and alerts. But, there are no options for SMTP authentication, which our mail server requires us to use. Am I missing the options somewhere, or is this feature not built-in to the PAN-OS?If it isn't, can we please add this to a feature request list, since I'm sure ...
Hello,I have defined a rule that allow pings (using the "ping" application). However there are a lots of other applications that flows through this rule, even "web-browsing" !!!How is this possible ?Regards,Laurent
Hi,after PA-500 upgrade (from 4.1.7 to 4.1.9) I solved SSL problem with Chrome but now I have a problem with firefox opening SSL pages (when they was decrypted by the firewall).For example opening https://www.google.com I receive this error:"SSL ha ricevuto un messaggio inatteso di tipo New Session Ticket handshake.(Codice di errore: ssl_error_r...
Hello,I experienced an issue with 'application blocking page' for https traffic through web proxy.The firewall is configured to decrypt the HTTPS traffic.Layout : Client -- Palo Alto FW -- Web proxy (Squid)If the traffic (https session like https://www.facebook.com) is sent directly to Internet, I receive the 'Application Blocked page' in the br...
Hi.I've got LDAP authentication configured to allow users into a Global protect portal. I'm 100% sure it works OK, because I can authenticate against it.Trouble is, I *can't* get it to authenticate against an Active Directory group. if I add individual usernames into the authentication profile used by the Global Protect setup, they work - which ...
Being smart we thought it best to use a wildcard cert as we were going to be setting up about a half dozen SSL certs and various domains, that seem to be ever expanding.One place we wish to use is on our PAN device for VPN access.but as i go to import it, it requires a passphrase, something we never set up, and going thru the CSR process, on the...
| Subject | Likes |
|---|---|
| 2 Likes | |
| 2 Likes | |
| 2 Likes | |
| 2 Likes | |
| 2 Likes |
