General Topics

Global Protect Certificate Request

Hi,

I am looking for a way to generate a certificate request from a PAN running 4.1.5 which I can then use against our internal Microsoft CA to create a server certificate to use in GlobalProtect.

Any help would be great,

Thanks

Mei

Can the Paloalto be used as a ftp proxy?

I currently have a PA-2050 acting as a firewall to a collection of private networks (with private IP addresses). Several of these "inside" hosts do need access to external IP addresses/hosts. Specificially to ftp information out and in.

Is it possible

Is belowe attached scenario is possible in HA Active/Active cluster?

Hi Team,..

We have two different ISP's as shown in attached scenario, Is it possible to use again both ISP's when any one of the firewall is down.

Thank you,...

Gururaj.

Antivirus Dynamic Update Issue

As of this writing, the latest available Antivirus update through Panorama seems to show it was released on 5/22/12, version # 750-1031. Prior to that release they had been received daily, is there any known issue with A/V updates right now? I initia

Rule syntax/ordering question

We've just installed a PA-2050 in our school and I'm trying to get it configured with some basic rules but I'm not quite sure I have the syntax or ordering of my rules right to achieve the outcome I want.

The simple side of things that I want to do is

Expanding Panorama Storage Using a Virtual Disk

Hi,

We are using Panorama 4.0.9 on an ESX 4.1.0.

We need to expand available log storage, an we apply this procedure :

Expanding Panorama Storage Using a Virtual Disk

The default Panorama installation is set up with a single disk partition for all data.

Captive Portal(web form redirect) on explicit interface

Hello all,

I've been trying for the past day or so to get captive portal(web redirect) to work using an interface on the firewall other than the "TRUST" interface. I've gotten captive portal to work using the Trust interface just fine but I would like

Web server and TMG

Hello

our web servers are published using tmg

at the moment i have a security rule form l3-trust to l4 untrust with any set

what do i need to do to allow traffic through to the web servers and tmg?

How to block DDoS attack according geolocation?

Is there posibilities how to block DDoS attack according public IPs geolocation?

For example block all IPs from some country for DDoS attack (or other brute force) but allow for correct data communication (http).

Thanks

Bandwidth usage

Is there a way to see total bandwidth utilization in the PAN's gui interface?  I'd like to determine the amount of bandwidth users are using at various times.

Thanks

HA Active/Active,..

Hi Team,..

Attached is the scenario for HA Active/Active,..Is it possible to configure IPSec and SSL VPN in this Scenario?

The  external interfaces of each PA firewall is directly connected to ISP  routers and have configured defferent public IP's on b

Management of the Palo

Hello

I have my Palo on a different IP range to my local network and wish to be able to connect to the palo to manage it from my local lan ip range. is this possible

my palo is on a 213.x.x.x which is the isp range

my lan is on a 10.x.x.x.x range.

Mark

Palo updates

Hi

I have just setup my Palo but it cant access any of the update servers, i have a security rule which is source trust zone des untrusted

my trusted zone is on a 10.x.x.x range

my un-trusted which connect to the isp router is a 213.x.x.x range,