My SMTP rule allows a lot of other traffic

Hello,

I have a specific rule that only allows SMTP application.

When looking at the traffic logs related to this rule, I see a huge amount of other packets !

Most of them are "incomplete", but I also have a lots of applications like dns, oracle, RPC an

PanOS 4.1.0 Interface view

Hi we've updated our boxes, to 4.1.0.

The problem is, that the interface view is unsorted. Maybe this can be changed in an setting somewhere.

Anyone else had this problem and a solution for this?

Thx

HA Active/Active - Failover issues

Hello,

I have tried to setup an Active/Active cluster, based on the "PAN-OS Active/Active High Availability - Configuring active/active clusters" technote. I am pretty sure that I have understood and followed the guide correctly.

However, regardless of

Content update 276 pulled?

I saw it briefly flash in my Dynamic Updates list, but now the latest updated available is 275 from Nov 8?

panorama custom reports for *. query

Hi All,

Need help with Panorama Reporting.

1. our orgnization has departments, such as Finance, and users in Finance are
setup as fin.user1, fin.user2, and so on. We need to get report for all users
with the prefix "fin.*" , but I dont seem to be able to

Creating a Dynamic NAT and exclude addresses from pool

There are known issues online with some external sources not accepting addresses with the last octet ending in .0 or .255.  Are there any known ways to exclude these addresses from a Dynamic External IP Pool? 

New PA2020 - WorldofWarcraft - How to make it work?

Morning!

So we went live with our PA2020 yesterday.  Upgraded from our Cisco PIX 525 and so far everything is working great.  Only 10 seconds of downtime as we did the cut over.

I work at a university and the number one request from students is to make

Captive Portal URL

Hello i need some help.

I need to know the URL that PaloAlto device uses to redirect Captive Portal.

I supose should be something like:

http://<PAN_ipaddress>/xxxxxx.xxx

Thanks in advance for your help,

Albert

where is "Network > SSL-VPN" on 4.1.0

Hi

Before I really got started with my PA500, I upgraded to the latest PANOS 4.1.0

Now I am trying to configure SSL-VPN and in the 4.0 Admin docs on page 259 the first section states :

Adding a new SSL-VPN

  Network > SSL-VPN

The settings on the SSL-VPN

Gratuitous ARP / HA Problems

Hello!

I was running some fail-over tests the other night and ran into some issues with my switch's ARP table updating correctly.

I have attached a diagram that shows all of my PA connections into the switch stack.

In a nutshell, I have a switch carved

Unable to allow only ICMP Echo Request; Firewall passes all the traffic

Hello,

I have 2 networks in 2 different security zones. I have been trying to set up the firewall (PA-500) to allow only icmp echo request (ping), which is an icmp message number 8 and 0 between the two networks. When using predefined application call

How to configure a DMZ on my pa500. Or do I not need one

I have installed a PA 500. With 2 ISP untrust interfaces and one trust interface. Since palo alto is very new to me do I need to configure a DMZ for my spam filter. If so how do I.

Joe