Multiple Public IP's on External Interface

All,

I apologize if this has been asked before but I couldn't find anything related to my specific question.  I am a newbie when it comes to firewalls in general.  We are going to be migrating from ISA to the PA firewall shortly and I have a question

SNMP TRAP Recommend

Hi All

I want to set snmp traps to my snmp-server , are there any recommend about that ?

I have got the snmp mip from paloalto support site, but there are too many descrpitions about trap, so maybe someone can give me some recommends about system healt

Incoming Traffic failed in Active Active HA

Hi,

I setup active/active configuration and everything seems to be working. We test HA by powering off the other peer and vice versa. All outgoing traffic are working as expected. But, we notice that we're not receiving incoming traffic if one of the

USER - ID FOR EXCHANGE SERVER

Hi Guys ,

I see on PAN OS 4.1 releases , We can discover user from Exchange Server.

So where we have a document to understand more better how it works ?

Where can i do download for this agent ?

I need to install something on my exchange server ?

Best Rega

Brute Force Signatures

hi : In regard to Brute Force Vulnerability Signatures 40015 (ssh) and 40021 (rdp) :

Why is there not a way to permanently block an IP number that exceeds the configured  Number of Hits per time period? Is this possibly in the works fro a future relea

TCP sequence number inference attack

Is the Palo Alto Firewall also affected by this vulnerability?

http://tinyurl.com/bpf9odl

Kind regards

Marc

Site to site VPN phase one error.

Hi Team,

For Site to Site VPN in System logs showing ( description contains 'IKE phase-1 SA is deleted SA: 10.10.10.1[500]-10.10.10.2[500] cookie:eb16a2088724d32c:0000000000000000.' )

Thank you in advance,.

web browsing problem

hi,

i installed pan5020 my customer..customer have 8 branch offices with metro ethernet..but some web page cannot open from branchoffices like www.yahoo.com, www.microsoft.com,etc.(i examine rule and logs everythigs looks normal, its interesting)

when

Ipsec VPN to Cisco ASA

Hi Guys,

right now we are trying to setuop a ipsec vpn between out palo alto 4.0.7 box and a cisco asa 8.2 box ..

Cause we are running into troubles whithin the ike setup, i would like to know the following:

1. How can i debug the vpn setup in the pa ?

iOS VPN and Identity Certificates

We are testing Certificate Based Auth + User Based Auth for iOS VPN.  Is it best practice to export a unique Identity(Client) Certificate for each user/device? Or is it common to use the same Identity Certificate for everyone? Security wise, it would

slow ftp log export

PA2020.

Exporting logs using ftp seems extremely slow. We are talking about speeds around 30 KB/s, this on a full GB network to a ftp server with fast storage. Logs are big (easily over 10GB) so it would take days to export them.

How can I speed things

Facebook limited filtering

Our business has a Facebook page but as a policy we have Facebook blocked as a whole.

Is it possible to unblock certain pages in Facebook only (eg. www.facebook.com/mybusiness) but maintain deny access to every other page?