Having trouble configuring IPSec tunnel (PA-500)

We have a VPS system to which we need to grant access to our private office network.  The VPS is in a cloud service so there is no networking gear that we can use for the vpn end point.  Our office network is behind a PA-500 firewall.

The VPS is a Cen

User-ID 4.1.2-2 and Exchange

I am attempting to gather user to IP mapping for exchange users with User-ID agent 4.1.2-2.  I am accessing our exchange server using the iphone mail app, but no information is for my IP address.  I know there is a known issue logging IMAP or POP3 us

User-ID / group mapped incorrectly

Hi all,

I've wanted to block some sites for specific users and created an AD group on my W2K8 R2 DC. Unfortunatly I have some problems that I haven't encountered before.

When checking the user I see the user is a member of my test group, so far so good

Application Logmein identified but not dropped by rulebase

Hello,

Sorry, but I hav  implemented a brand New PAN solution with Url cat and AV license.

All configuration works find. I have a visitor zone on a DMZ and I want them to access Internet but with my Url Categorisation, so I can't let them use Remote ac

VPN SSL - Verification of a login belonging to a AD group

Hi support,

I have a question regarding the authentification of users through the VPN SSL.

Here is the situation:

Login of the SSL VPN user: AdminLogin
Password of the SSL VPN user: AdminPass
SSL VPN name: AdminSSLVPN
Authentication Profile associated wit

Using RADIUS for admin access without local accounts

Hey All,

This might be documented or already discussed but I can't seem to find anything on it. Question is.....Is it possible to use RADIUS for admin access to a PAN box without the need for local accounts ?

Many Thanks

Jon.

Site is not loading

Dear All,

I failed load below site eventhough the url filtering is off. Any idea? This site is working well in dsl connection.

http://www.soti.net/

Thanks

Asanka

on Palo Alto Certificate create

L2 with Aggregate

Hi

  We would like to configure L2 with Aggregate between PANOS (4.1 - PA5050) with cisco switch

     -  After we do L2 Aggregate  , and assign IP Address on VLAN , we find that when we ping to this IP Address , there are many request-timeout.

     - If

Filter activesync

Hello,

I wonder if the following is possible. (Question from a potential customer).

They want to filter/DENY MAIL from the activesync traffic to mobile devices (users in the organzation using phones that are not approved because of security).

But they w

Unable to Run User Activity Report After PAN OS Upgrade

We recently upgraded our appliance to 4.1.3, and now cannot retrieve any data prior to the OS upgrade when running User Activity Reports.  My logdb shows that we are near full capacity (but haven't reached the 80% threshold as of yet); however can on

HA questions

Hello,

I'm having trouble understanding how Active/Passive HA works in Palo Alto. In other solutions the active device has a virtual address on top of its physical interface address, and when the active device goes down the passive device 'takes over'