General Topics

translation vs url block/threat block

Hi,

I just came across something quite interesting. A user needs to be able to translate a decent url, but by default translation is blocked by PaloAlto. Once you configure PaloAlto to allow translation, you can actually go into google translate, and

Load Balancing Using Dynamic Routing

Is it possible for the PAN to load balance sessions across two equal cost default routes establish in an OSPF process that the PAN firewall participates in?

If not, can this be accomplished through BGP?

We have one ISP with two connections to the Inter

Traffic forwarding based on security policy?

We have been trying to troubleshoot an issue for a couple weeks now.  We seem to have found the issue, but it doesn't make sense.  I'm hoping someone can shed some light on this:

First off, we have a pair of PAN-4020's in HA @ 3.1.9.

I'm going to overs

Search a application within all your application groups

Hello,

Is there a way to search for a application within all your application groups? say from the commad line?

Thanks

Cannot browse nat webpage internally in lan

Hello All,

We have some internet facing servers who has NAT public address.

1)     Externally we can access the public address of the server.

2)     Internally on our LAN, we cannot access the public address of the server, it timed out. However the appl

Antivirus job failed

Dear Sir,

I am getting above error message in my logs even though the Av update has taken palce. Ths is 2nd time i saw the messgae in the log.

And also I can see some unusual logs in the logs. pleasee see the attched log file.

Regards,

Asanka

SSL Renegotiation Denial of Service Vulnerability

Hi All,

I have received an Alert for SSL Renegotiation Denial of Service Vulnerability.

I have visited the website, and for some reason, Palo Alto thinks i am the attacker,

and the website i am visiting is the victim.

I have attached screen shots of this

panorama-object-counts message comitting Panorama config

After the message "Configuration committed successfully" we have two more messages:

"avg-panorama-object-counts unexpected here. Ignoring."

"panorama-object-counts unexpected here. Ignoring"

What do these mean?

File transfer Issue - PA5050 (PAN 4.0.2)

PA5050 device with PANOS 4.0.2 in L3 mode:
- There is created a single interface AE1 (6x physical interface in LAG);
- There is createsd 100 L3 subinterface with VLANS tag on interface AE1;
- The device has a one rule "allow all" (test environment) w

Dynamic URL database updates failing.

Folks.

I haven't been able to connect to the URL database update server for nigh on two days now - all other updates are working fine.

Does anyone know if there's an issue, or is anyone else experiencing a similar issue?

Cheers

RADIUS authenticated SSL VPN users in policy

     Is is possible to define a "source user" in a security/QoS policy as a username/group that was authenticated by RADIUS? Basically, the need is for users coming in via SSL VPN to have specific security policies assigned to them based on username

Report on Rule Usage?

Hi,

How can I run a report to understand the last use of a loaded policy/security rule? For example, if I have 100 security rules in the firewall policy, how can I identify which rules are actively being used, and which ones are not being used often,