General Topics

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

rate-limiting qos policy

Hi,I'm interested in creating a simple qos policy, which will rate-limit streaming applications for all users, except a group of power users.I'm assuming that I would have to create two QOS rules (policies).First one will assign streaming traffic for power users (source user = power users). In this case I would probably omit class, so that the d...

Resolved! Unusual Log entry

In the monitor tab, I'm seeing entries as sys1+[zone Name] in both the "from zone" and the "to zone" columns. What could this mean?

Can the TS Agent be pushed out via SMS or SUS?

Can the TS Agent be pushed out to the Terminal Servers via SMS or SUS?- jwolach

Resolved! SNMP to split between Panorama and traps server

I have a question regarding the SNMP server settings on a 5020.If I have specified to send SNMP to panorama and I also have a traps server listed for the same type (let's say 'informational') will the unit send to both Panorama AND the trap server?

Resolved! Ssl Exclude What for ?

I wonder when we need to use SSL Exclude option for certificate.When I try to write a decryption policy and try to test SSL exclude , I could not see any differences.I looked to pdf and it gives just that info below :SSL Exclude—This certificate excludes connections if they are encountered during SSL forward proxy decryption.Does anybody have an...

Resolved! MAC 10.8 using NetConnect issue?

Hi, I used browser to login SSL VPN portal in MAC 10.8 client. At first time,there is no any problem to connect, but second time,the NetConnect can not get any IP from PA. Just one time succesfully,I can not dial again. Do anyone have this issue? PA OS is 4.0.7

IPSEC WITH PBF

Hi guys ,I dont know what happens but when i use pbf on my isp`s , my ipsec vpn don`t traffic......what can be?best regards.

Resolved! Java 1.7.0_05 can not download SSL VPN Client application completely!!

Dears, I had updated java JRE to 1.7.x,but I can not use SSL VPN client any more. Does anyone can help to reslove this issue? My PC OS: windows 7 pro 64-bitPA500 OS: 3.1.9Browser: Firefox 14.0.1 I found the download's process always be stopped at almost 80%, just like the g...

How to block csv files download by File-Blocking

Hi All,I just want to block csv files download by file-blocking, however I cann't find it in the file types.Are there any ways to block it download?Thanks,Joy,

ELSTER and SSL decryption

In Germany one can use "ELSTER" to transmit tax reports electronically to the financial authorities. Elster is build in many ERP Systems and alike.Unfortunately the certificate used by the authorities is self signed and therefor not trusted by the PA and gets newley created by and signed by the "forward_untrust" CA in the PA rendering a communic...

Resolved! bi-direction NAT question

I have the following rule in the firewall and was wondering if I needed to create a second rule for the other direction or if the bi-directional option will take care of it for me.examplesource address :10.100.10.50 > destination address: FTPSERVERSGROUP > Source Translation: static-ip 209.165.241.88 bi-directional Basically if 10.100....

URL rewriting

Hi all,I am in front of this issue and I don't know how to solve it, can anyone help me?I have to migrate the configuration of some checkpoint security rules to a Paloalto PA-500 (panos 4.0).On checkpoint there are some rules that make URL rewriting:EX (I try to translate the rules)some rules are configured to grant access to the website. So, wh...

Resolved! Rules not applying to AD groups

Hi,For some reason my Palo Alto 2020 has stopped recognizing rules that are applied to AD user groups. My 2 User ID agents are running on the Domain controllers and are showing green on my Palo Alto box.It works if I apply the rule to a specific AD user, so I know it is able to communicate with the ID agent otherwise it wouldn't register the use...

full mesh or hub and spoke VPNs running OSPF

Hi there,is anyone managing this with let's say 50 sites and multiple connections (Internet, MPLS). Currently we are using Juniper and the VPN manager inside the central management (NSM) does this job for us. The good thing is that when you have found a NSM release which is working and has no show stopping bugs it is running really well.How does...

Resolved! backup local config to panorama?

Hi,We already have an PA appliance installed.We buy panorama 1 month later. Mainly because we want to keep logs long time like 2 years of logs.So we just want to manage Rules set of the PA with panorma, and get all the logs.First step i try to do is doing an export/import of the PA to panorama.There is clear exemple to do that?For now i only f...

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!