General Topics

User ID via IP only?

I have recenlt purchased a PA-500, waiting for it's delivery and have yet to set one up in anything other than vwire mode.

Our wireless has two SSIDs.  Each SSID has it's own vlan and DHCP server.  Problem is the students have become wise enough to sw

Quality of Brightcloud URL categorisation or lack of.

Hello

Has anyone else found that there are a large number of websites being classified as Job Search when they are blatantly not? We are finding this to be the case and in fact are generally finding the classifications to be a bit hit and miss in plac

Global Protect - ondemand

After installing the GlobalProtect client software on a Windows 7 Home laptop, even when the client is not being used, every so often a message will pop up with  "on demand" will connect on its own and it will not time-out. The only way to stop it is

User Identification not working for Decrypted SSL Traffic / Data Filtering

Hey Guys,

I recently implemented a SSL Decryption Rule to decrypt SSL traffic between my users and a particular destination so I can apply a Data Filtering Rule to it.

Everything appears to be working except that it seems like the User Identification p

Global Protect Datafile Version mismatch

Im working thru the process to roll out the Global Protect VPN software to our laptop users - I have three PA boxes, a 2050 and two 2020s - all are running 4.1.3, all have GP gateway licences & client 1.1.4 installed although we only have one portal

Problem User-ID Server Connection List in eDirectory

Hi All,

I have a problem on the server connections list in the edirectory on server AD (file attach), for device connection there is no issu. but when i see any connection to the server user-id list to 192.168.203.9 (AD) <-> connecting (Server Down).

PAN and iPrism integration problems in vwire

Trying to insert a PAN in vwire mode between the existing external firewall and the existing iPrism web filter using vwire. When the iPrism web filter is removed and the PAN is between the external firewall and the core switch, traffic is passing fin

nat and microsoft nlb/cluster in dmz

Hi,

do you have any idea or experience nat for any cluster/nlb microsoft machine (sql or exchange) in dmz zone...

how can we do that

regards

One day in production with 4.1.3

Alright, this is basically a rant..

I installed a PA-500 at a site this last weekend, replacing a Cisco ASA 5520.  We are using this site as our test bed for the 4.1 codebase before rolling it out company-wide.  To be honest, I'm in no hurry to move f

Allowing Mac mail client to send/receive

I have users/board members that come on campus and need to get mail through applications like the built in mail client on a Mac or from a FirstClass mail server. In this instance the ports they need to communicate with are 995 and 510 respectively. W

Applying security policies with security profile groups

Typically, are these applied on the inbound direction or outbound direction of an interface?

And if you wanted to protect an entire zone/interface would you just apply it to any source and any destination?

For example if you wanted to apply Antivirus t

Global Protect

Hi all,

im tryng various option to disable the global protect client on my macbook.

The vpn client works fine, but if i select the disable option with ticket, or with pass code, and try to disconnect from the client it's disconnect without challange or