Site to site VPN phase one error.

Hi Team,

For Site to Site VPN in System logs showing ( description contains 'IKE phase-1 SA is deleted SA: 10.10.10.1[500]-10.10.10.2[500] cookie:eb16a2088724d32c:0000000000000000.' )

Thank you in advance,.

web browsing problem

hi,

i installed pan5020 my customer..customer have 8 branch offices with metro ethernet..but some web page cannot open from branchoffices like www.yahoo.com, www.microsoft.com,etc.(i examine rule and logs everythigs looks normal, its interesting)

when

Ipsec VPN to Cisco ASA

Hi Guys,

right now we are trying to setuop a ipsec vpn between out palo alto 4.0.7 box and a cisco asa 8.2 box ..

Cause we are running into troubles whithin the ike setup, i would like to know the following:

1. How can i debug the vpn setup in the pa ?

iOS VPN and Identity Certificates

We are testing Certificate Based Auth + User Based Auth for iOS VPN.  Is it best practice to export a unique Identity(Client) Certificate for each user/device? Or is it common to use the same Identity Certificate for everyone? Security wise, it would

slow ftp log export

PA2020.

Exporting logs using ftp seems extremely slow. We are talking about speeds around 30 KB/s, this on a full GB network to a ftp server with fast storage. Logs are big (easily over 10GB) so it would take days to export them.

How can I speed things

Facebook limited filtering

Our business has a Facebook page but as a policy we have Facebook blocked as a whole.

Is it possible to unblock certain pages in Facebook only (eg. www.facebook.com/mybusiness) but maintain deny access to every other page?

BGP export policy is ignored after a change

Has anyone seen the following and found a solution?

I have a BGP peer setup with an export policy permitting only specific prefixes.  If I modify this policy, to allow an additional prefix, then when I am commiting the change, the firewall completely

Controlling BYOD as well as scanning app store traffic

Hi

I've got an interesting question regarding mobile devices based on iOS or Android (maybe also Symbian and/or Blackberry OS to a much lesser extent). I searched the forums but haven't found anything posted that ask the the following questions:

1) How

User identifcation gaps

We have an AD account for which we restrict all Internet access via a user-based security rule. The account is an auto-logon account for certain kiosk-type machines in our environment. I'm finding that the username being used on the machine is not al

how to block mp3 ?

hi ,

i just got a request from a custoer on how to block mp3.. so as currently PanOS doesnt detect it , can we add it as a signature ?

BR

How can I delete reports in incorrect date field?

Hi.

Firewall was working as a incorrect date.

Logs were saved in incorrect date during set the incorrect date.

If I open the report, it shows incorrect date as a default.
I think if I delete reports which saved in incorrect date, it might be able to s

User-ID XML API Response Time-out

I'm working with the new LDAP User-ID XML API and things are going fairly well except for getting the response back from the agent after I make my updates.  Looking in the "Monitor" section of the agent and the Palo Alto itself, it is clear that my u