Inbound SSL decryption in vWire and Tap mode

Short question:

Is inbound SSL decryption possible in vWire and/or Tap mode?

Regards,

     Andreas

URL Filtering - DNS Proxy

Hi,

I have the PAN devices in the main datacentres that do DNS lookups for all clients globally. What I am trying to figureout is how to have those servers forward to the PAN and the PAN proxy off to external servers then filter the returns based on a

Multiple Remote Access VPNs, same gateway IP?

Hey all,

I'm coming over from the Cisco world and trying to setup two separate remote access VPNs but using the same gateway IP. My understanding is that normally with the PA you can use the security policies to differentiate users and provide access

Bug in Global Protect Client 1.1.2-9

With GlobalProtect Client 1.1.2-9 on Win 64bit is a Problem when you enter here a DNS Name instead a IP Adress.

It worked with Client 1.1.1-9, so all users who did the Update hat the problem!

On 32bit Windows System it still works with a dns name, but

Microsoft flight simulator Squawkbox issue

We have a user who says once we moved to our new Palo Alto box from Cisco ASA he is having a odd issue.

He claims that Squawkbox works fine as long as he is talking but if he just listens after 2 or 3 min. He looses

his audio until he speaks. To me it

SSL Decryption

Do you need to have a valid URL filtering subscription for SSL Decryption to work?

Thanks

Rod

DRAFT: Procedure to add Antispyware, Threat, & URL Filtering

1.    Policy profiles
    a.    enable applications (one day to enable)
        i.    tweak applications (several days at least, maybe two weeks at most)
        ii.    wait until stability achieved
    b.    enable antispyware  (one day to enable)
      

Kerberos Authentication

Hello all,

I'm trying to understand how Kerberos authentication works on the PAN. From what I understand is that Kerberos does not send any passwords over the network but generates tickets.

1) When a user logs on a SSL VPN portal which is configured fo

Wildfire not showing any files.

I have configured a PA500 to use Wildfire but in the dashboard I don't see any files being examined.

While downloading an .exe I get the page to continue and I see in the Data Filtering Log, action Forward.

Inspecting the system log doesn't show any in

Security Policy Action Options other than Allow/Deny

We have a security rule:

Src Zone: Internal

Src User: Any

Dest Zone: Any

Dest Add: Any

Application: Application filter which inlucde all online videos (e.g. adobe-media-player, http-video, tvb-video, youtube-base)

Action: Deny

It works as expected, howeve

SSL-Out Out Timer

Hi - does somewone know the command to show the current countdown timers for users who have accepted SSL interception?

I know there is one as I've run it in the past, but can't for the life of me find it.

Thanks