SSL decryption in 4.0

Hi,

Is there an article describing how SSL decryption is to be configured in the current version 4.0 ? I can see there has been some changes in the way certificates are being used.

Regards,

Sunil

Respond to ARP for path-monitor IP in virt-wire mode?

Does anyone know if PANOS 4.0 responds to ARP requests for the IP used in HA path-monitoring?

I know that path-monitor sends pings or something similar to the devices it is monitoring.  When you setup path-monitoring, you specific what source IP shoul

Captive Portal with Session Cookie - Synchronization problem

Hi,

     I have a pair of PA 2050 in cluster and the synchronization was working fine until I try to enable the option Session Cookie in the Captive Portal configuration. The only way I have find to re-synchronize my cluster is to disable the Session

Global Protect - Source User 127.0.0.1

Hi,

I'm doing a configuration with global protect that working fine on my pc (laptop with Win 7). But when the real users doing the same with their pc's (Desktop with Win Xp) it dosent work, Global protect give the good message to the user but doesn't

Global Protect Setup using an external CA

Can anyone help with setting up GP to use certificates from an external CA ?

Ive managed to get it working using an internal CA & signing the server & client certificates defined in the portal against that - but Im struggling to get it working when I

How do PA deal with BOT channel using APP such as twitter, skype, other IM?

Hi guys.

Nowadays BOTNET C&C server have been using Command and Control channel using twitter, skype IM and other IM like attached image.

So I wonder about how do PA deal with BOTNET channel traffic using application. I tried to find that any signature

comscore

Has anyone had any experience with this Comscore app this article is speaking of?

http://www.cleveland.com/business/index.ssf/2011/08/privacy_lawsuit_targets_comsco.html

If anyone has found it and logged the traffic I would be greatful if you post it

CryptoCard Card.

When using the Cryptocard authentication server we have had issues where no radius packets are coming through the PA500 on version 4.0.1.  When the packet capture (tcpdump) was run no packets appeared on the interface.....

The only way to solve this p

Upgrade to V4.0.4

Hello

Can i directly upgrade from version 3.1.6 to version 4.0.4

Thanks

Enayat

CLI ping and traceroute resolving ip

Hi,

In the GUI the PA is resolving ip address by quering the dns server. But with CLI commands like ping and traceroute it doesn't seems to do DNS resolving. I think it should be because there is a CLI command no-resolve.

Any ideas why it isn't resolvi

LDAP Error - AD Integration

Hi

has anyone encountered the following error.

When i type the following command

enayat@fw-tec1-pa2050>show user ldap-server state

User-ID agent and 300,000 LDAP UID's

I need to run user Identification of a Sun-One LDAP server, that has two main classes for users, totalling 300,000 users, in one geographic location.

What is the maximum number of entries a user-id agent can handle/cache etc?

Would the best configurati