User-ID mapping lost

model: PA-500
sw-version: 4.0.11
PanAgent: 3.1.2
Domain controller: Windows server 2003

Client SO: Windows XP

User-ID mapping from AD on my customer's network work fine, but only one user, who is logged on his workstation and also on his notebook, sometim

PPPoE on Active/Active HA configuration

Hi,

I try to configure PPPoE on Active/Active HA system (2xPA-500). Configuration went OK, but PPPoE stays disconnected. No log entries in System log. After changing to Active/Pasive mode PPPoE starts get connected.

Is PPPoE supported on Active/Active

SSL Forward Proxy - Best Practise?

Can anyone point me to a document or some guidelines on current recommendations/best practise when using forward proxy please?

I have the SSL certificate in place on my clients, my main target is SSL traffic to higher risk URL categories such as web b

Policy order

Is it important to have the Antivus, Vulnerability and Anti-Spyware rule as the first policy?

thanks

URL and Threat filter before reach squid caching

Dear All,

We have an existing squid proxy which going to use as a proxy caching and we want to use PAN to perform url and threat filteration in between user and squid proxy.

The end user browser proxy has been configure to point its proxy setting to th

Differentiating between an Error and a URL Filtering Block for Customizing the User Experience

Hello,

    I am working on customizing the user experience on the PAN's that we are installing.  I would like to be able to have a different look and feel when an "error" occurs rather than when a website is blocked because of the content (ie the webs

Maximum sessions for Captive Portal

Hi Guys,

On a PA-500, is there any specification for the maximum number of sessions or user logins at any given point of time for Captive Portal users?  Enquiring because, there is a known environment (school with boarding as well) (staff and student

PAN Agent stability

Hi All,

Is there anybody meets PAN Agent stability issue?

We always install PAN Agent version 3.1.2 on Windows Server 2003, but at lease tow customer meet the issue.

PAN Agent service is down once 1to3 weeks

No advnaced log can be found no matter debug i

PAN - DHCP option

Hi All,

I'm working to configure the PAN (4.1.2) DHCP, hopefully to replace the legacy DHCP server for the LAN.

My LAN consist of both data and voice on few vlans.

I would require to insert the dhcp option code of 176 & 242 for the ip phones.

But doesnt

Http-proxy application and applications in URL Filtering log

Hellou!

I have installed Palo (in tap mode) in front of MS TMG proxy.  In attachment I put a picture with the applications he recognizes. Http-proxy application is always the application with the most received bytes, but Palo also recognizes other app

ThreatID 33542 and Facebook

I'm seeing a lot of alerts in the last couple days for threatID 33542 when users are visiting facebook via http://www.facebook.com/

Could this be a false positive?  Anyone else seeing a jump in this threat?

Tnx, Tom

Data Filtering Patterns

Does anyone know the logic used to interpret data patterns/filtering expressions?

By this I mean, if I have two patterns:-

Confidential\\Eyes-Only     (exact match Confidential\Eyes-Only)

and

Confidential\\.+               (wildcard match Confidential\*)

Difference between session start vs end when doing DENY

The difference (generally speaking) between "log on session start" and "log on session end" (for ALLOW rules) is that the "session end" will also log application and trafficvolume however it will not show up in the log-files until the session really