Web server and TMG

Hello

our web servers are published using tmg

at the moment i have a security rule form l3-trust to l4 untrust with any set

what do i need to do to allow traffic through to the web servers and tmg?

How to block DDoS attack according geolocation?

Is there posibilities how to block DDoS attack according public IPs geolocation?

For example block all IPs from some country for DDoS attack (or other brute force) but allow for correct data communication (http).

Thanks

Bandwidth usage

Is there a way to see total bandwidth utilization in the PAN's gui interface?  I'd like to determine the amount of bandwidth users are using at various times.

Thanks

HA Active/Active,..

Hi Team,..

Attached is the scenario for HA Active/Active,..Is it possible to configure IPSec and SSL VPN in this Scenario?

The  external interfaces of each PA firewall is directly connected to ISP  routers and have configured defferent public IP's on b

Management of the Palo

Hello

I have my Palo on a different IP range to my local network and wish to be able to connect to the palo to manage it from my local lan ip range. is this possible

my palo is on a 213.x.x.x which is the isp range

my lan is on a 10.x.x.x.x range.

Mark

Palo updates

Hi

I have just setup my Palo but it cant access any of the update servers, i have a security rule which is source trust zone des untrusted

my trusted zone is on a 10.x.x.x range

my un-trusted which connect to the isp router is a 213.x.x.x range,

VPN setup 4.1.6

is there any documentation for setting up VPN on 4.1.6?

I took a look but couldn't find anything recent.

Thanks.

Running Captive Portal with no SSL/Certificate

Hello

I am running Captive portal successfully with HTML/POST based authentication. However as I only have a self signed certificate this generates a warning in the users browser.

There is no requirement to encrypt the username/password submit to the p

App statistics very different between CLI and GUI

I ran the command 'show system statistics application' on the CLI of our PA-4020 at the Internet border and see these results....

Virtual System: vsys1
application                      sessions   packets      bytes
-------------------------------- -----

PAN 500 Locked Up Today

So, today, when basically nobody was on campus the PA-500 decided to lock up.  I could not connect to it at all and it was not passing traffic through.  Looking at the logs, it appears as though it locked up at 3:02 a.m. on Monday as there was no tra

HA Active/Active,..

Hi Team,..

Attached is the scenario for HA Active/Active,..Is it possible to configure IPSec and SSL VPN in this Scenario?

The external interfaces of each PA firewall is directly connected to ISP routers and have configured defferent public IP's on bot

Shared Gateway and VSYS

Hi,

I've a basic setup with TWO vsys with separate vrouters on each vsys (Maketing and Sales ) and a shared Gateway. Some vpn Tunnels terminating on my shared gateway.

I need to implement some static NAT rules for my VPN tunnels, so far so good.

Routing