Site is not loading
Dear All,I failed load below site eventhough the url filtering is off. Any idea? This site is working well in dsl connection.http://www.soti.net/ThanksAsanka
Dear All,I failed load below site eventhough the url filtering is off. Any idea? This site is working well in dsl connection.http://www.soti.net/ThanksAsanka
We create a certificate on our local CA. We want to decrypt traffic in Palo Alto using this certificate. We decided to use the CN as "*" to match all destination hostnames the client will use. We installed the certificate and the intermediate and root certificates on Palo Alto but we could not be able to decrypt the traffic via this certificate....
Hi We would like to configure L2 with Aggregate between PANOS (4.1 - PA5050) with cisco switch - After we do L2 Aggregate , and assign IP Address on VLAN , we find that when we ping to this IP Address , there are many request-timeout. - If we configure L2 and set IP on VLAN only (without aggregate), there is no problem (Ping smoothly...
Hello,I wonder if the following is possible. (Question from a potential customer).They want to filter/DENY MAIL from the activesync traffic to mobile devices (users in the organzation using phones that are not approved because of security).But they want to ALLOW calendar sync and contacts sync.We already have configured inbound-ssl decryption on...
When I have configured SSL decryption, I always get this warning message when I commit:· Warning: vsys1 decryption: forward decrypt untrust cert is not configured, forward decrypt trust cert will be used instead.· (Module: device)· Configuration committed successfullyHow can I get rid of this message when I haven't configured an SSL unrust certi...
We recently upgraded our appliance to 4.1.3, and now cannot retrieve any data prior to the OS upgrade when running User Activity Reports. My logdb shows that we are near full capacity (but haven't reached the 80% threshold as of yet); however can only pull data from the last reboot of the device - post OS upgrade. If I run a report from the Re...
What is the difference between the license version and non-license version of the global protect? Is there some documentation on what we would get with the license version verus the non-license version? I would like to have some kind of documentation that show the perks between the two.
Hello,I'm having trouble understanding how Active/Passive HA works in Palo Alto. In other solutions the active device has a virtual address on top of its physical interface address, and when the active device goes down the passive device 'takes over' by sending a garp notifying devices that it is now the virtual address receiver. I can find a fl...
Is there an easy way to change an address to a shared address for virtuals domains.The only way we found is to clone the address and change every policies where the address is used which is very long !
I have been disabling "server response inspection" by default in all my policies as it is documented in a number of places (including independent group tests) that this improves the overall firewall performance, and I was under the impression that SRI was only useful in certain data-centre environments that do not apply to us.However while testi...
Hi,I could not find a way to block access to sites with invalid (self signed, expired) ssl certifcates. Any Ideas ?PAN OS 4.1.3.rgds Roland
Hi,I'm running the latest firmware from PAN on a PA-500. Not long ago the commit was pretty fast, like 1 minute or so.I haven't done any major changes, but i've noticed the commit has become gradually slower as time passes. Now its really slow!Can someone tell me the reason for this, and a way to fix it?I will get the 5020 box very soon, but i...
Hello all,I recently upgraded to the 4.1 OS from 4.0.1. The firewall settings are fine but for some reason whenever the firewall tries to download any new software like 4.1.1, GlobalProtect, Dynamic Updates it keeps getting the error "Failed due to network failure".I have checked and made sure that the Managment Interface is not being blocked by...
show config candidate can show candidate file, is it possible to create a report for candidate configure output?ThanksSimey
I'm probably overlooking something obvious.. but I can't seem to find a way to generate a login / session report of SSL-VPN users. Can anyone give a brother a hint?
| Subject | Likes |
|---|---|
| 4 Likes | |
| 2 Likes | |
| 2 Likes | |
| 1 Like | |
| 1 Like |
| User | Likes Count |
|---|---|
| 4 | |
| 3 | |
| 2 | |
| 2 | |
| 2 |

