Did you know that you can help your fellow community members by accepting solutions when a reply answers your question Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature
...
I have a PA-4060 and am monitoring via a TAP port my Internet connection and want to see how much traffic is being sent to the IPS engine hardware. I need to know this because I know the IPS functionally is 1/2 of the rated throughput of the firewal
...
I have some problems with user identification and I'm very confused about how it works.
In the case that we use User-ID agent with AD. Is it the following process correct?
1.A user makes a logon in PC-A , with his domain credentials.
2.An event is creat
...
I tried to download temaviewer (TeamViewer_Setup_it.exe) but the firewall pa500 blocked me like viruses Trojan/Win32.agent.ckovs what should I do?
Does PA support unix-style tracerouts. I have enabled ICMP and PING, but tracerouts from unix hosts through palo alto are still being denied. Looking at this a little bit further, we noticed that windows-style tracerouts use ICPMP echo requests and r
...
Is it possible to secure SSH with a public/private key or some other means. I have noticed an extremely high number of logon attempts, and want to block these as much as possible. I am sure I can lock it down to certain source IP addresses, but I w
...
Hi All,
I heard that its possible to have a vsys with a different PAN-OS that the others, to do such things as test the PAN-OS upgrade out with rules, etc before applying it across the board to all.
What I can't see in the appliance UI, is how to do th
...
Hi All,
I'm trying to create a role based user, that is specific to a vsys. when creating a user when logged in as the superuser,
I can't create a user, and select the RoleBased profile that is based on a vsys, as the ok button grey's out.
Is there a st
...
Hi,
We have a couple of Linux Samba servers that can only talk NTLM 0.12 dialect(this is from packet captures).
If I am connecting to a Linux Samba share from the internal LAN my Win 7 client(that supports up to SMB 2.0) negotiates down to NTLM 0.12 an
...
Hi,
I have an issue wen my co-worker try to download a file from php.net.
I cannot find wich progam is called in my policies rules.
The file is available at : http(s)://pecl.php.net/get/oci8-1.4.6.tgz and cannot download it.
Thank you and sorry for my
...
I have configured a couple of layer-3 subinterfaces on a aggregate, they are tagged as VLAN 700 and VLAN 800, in my cisco switch I have configured a trunk port that permits VLAN 700 and VLAN 800 to pass traffic across it. When plugged in, everything
...
I want change from a selfsigned to a versign cert on my SSLVPN interface. How do I generate the CSR on the PAN. Is this supported in 4.05? or do I need to download OpenSSL?
Hello,
What's the most stable release for a cluster (active/passive) of PA500 running IPS, AV and URL filtering ?
Regards,
Hedi
Hello,
I wnder that there is no way to select multiple objects at the same time when creating a group object ? Indeed, when I create several addresses, and I create a group to inculde all these addresses, I have to select one address at a time.
Immagin
...
I am getting very close to the 1000 max NAT rule limit on my PA-4020's, are there any plans to increase this limit in future releases of PANOS or is my only option to upgrade to a PA-4050?
Hi,
I've the following setup.
Two PA5020 in Active/Passive setup.
One VR = STX-VR
Running OSPF & BGP instances.
Primary firewall joined in OSPF since i have interface e1/1 joined Area : 0.0.0.0
Primary firewalls joined in BGP since i have interface e1/2
...
TomYoung
on:
Confused about QoS on Palo, need some assistance.
TomYoung
on:
Static Port Address Translation question
TomYoung
on:
what is the cli command for checking last failover
reaper
on:
SSL inbound inspection certificate issue
TomYoung
on:
One Global Protect Portal and Two Global Protect Gateways in One Firewall
reaper
on:
password reset for user through support.paloaltonetworks.com
