Resolved! About policies PA500
I want to know because when I make a change in my PA500, I get the following:
- Rule 'Accounting' shadows rule 'User'
- Rule 'Shopping Paniagua' shadows rule 'portable users'
Thank you very much
I want to know because when I make a change in my PA500, I get the following:
- Rule 'Accounting' shadows rule 'User'
- Rule 'Shopping Paniagua' shadows rule 'portable users'
Thank you very much
Is there any way to manually sync the LDAP Group Mapping/User Identification in Palo Alto? We have the sync interval set to 4 hours, but there are times where would would like to sync manually.
When using Nordic Edge it's possible to set a "Response Message" in the Radius server. This message is then displayed to Global Protect users logging in instead of the standard "Please enter password for gateway x.x.x.x".
I assume this is done using a
...
Hi,
I've installed a new PA-500 device. I've also installed the UID-Agent and it's communicating with the Palo Alto because:
"show user ip-user-mapping" return results with many users
on monitor tab I have the users displayed
on acc tab i also statistic
...
is it possible to detect and furthermore block DNS TXT messages via a Threat Signature?
The goal is to disable DNS Queries regarding TXT resource records.
Not sure if the context dns-req-section does the job...
Did anyone ever try this?
Thanks!
Stefan
We recently switched ISPs and they assigned as a 32 address block that sits behind 1 address. i.e 71.100.100.192/27 block behind 71.100.100.50/30. We are now connected to the ISP with the PAN addressed as 71.100.100.50/30 with a default route destina
...
In todays content update one can read:
"
Modified Decoders (6)
Name
gtalk-p2p
ipsec-esp-udp
jabber
ssl
google-talk
oracle
"
How come gtalk-p2p isnt named google-talk-p2p or is gtalk something else?
Yeah I know thi
...
I need to create rules for a PCI firewall for a WSUS server. Microsoft does not publish IP's for their update points so this is problematic on a PCI firewall (or it seems to me). I can either:
1) create a rule which allows the server out to "any" usin
...
I have a unique situation. Currently, I have a 10,000 + user based network and implemented Captive Portal Policy. We have certain AD accounts that auto login with certain machines. We want to always captive portal those certain logins. So I am want
...
hi,
i need a little help to configure a DMZ. here is our situation:
interfaces
ethernet1/1 - 1.1.1.1 (public - NAT clients)
ethernet1/1.1 - 1.1.1.2 (public - NAT DMZ)
ethernet1/1.2 - 1.1.1.3 (public)
.
.
ethernet1/6 - 10.10.30.1 (DMZ)
.
ethernet1/8 - 10.10.20.
...
Hello, Everybody,
we would like to aggregate ethernet interfaces of our PA-5050 (4.1.7 PANOS) in order to have a redundant physical connection towards our Cisco Catalyst switches.
Sound like LACP is not working with PAN and we had to set PaGP, which, o
...
Hello,
Cause untagged sub-interface does not support in OSPF routing from v4.1.5. If I have that configuration usage in firmware before v4.1.5 (v4.1.1). What is the right way to configure OSPF area interface, if I want to keep IP address(subnet) of th
...
Hi all,
We found this threat"BOT: TDSS.C Trojan Traffic Detected" on 3rd party's IPS(McAfee) deivce,but i can't find this event on Paloalto Threat DB.
Have anyone ever face same problem? Or have other solution can protect this attack ?
Regards,
Jim
Hi Guys,
Just wanna ask a few question. I was testing out the URL and Application Blocking. I was trying to block the facebook-chat, facebook-posting, etc.
to cut the story, I want to block the applications inside facebook but not the whole website. sa
...
hello guys,
does email configuration on pan allow you to receive email alert when primary or secondary pan ( in HA-mode ) when the primary firewall goes down? or when any of them stop responding ?
regards,
bp
Subject | Likes |
---|---|
5 Likes | |
4 Likes | |
3 Likes | |
3 Likes | |
3 Likes |
User | Likes Count |
---|---|
10 | |
7 | |
7 | |
5 | |
5 |