Can you limit the bandwidth per source IP?
Hi there,is there a way to limit the bandwidth per source IP?As far as I know the QoS policies limit the bandwidth per interface not per source IP. Is this correct?Regards,Sylvia
Hi there,is there a way to limit the bandwidth per source IP?As far as I know the QoS policies limit the bandwidth per interface not per source IP. Is this correct?Regards,Sylvia
For the replacement test,I had set the spare SSD in the PA-5000,and some logs was written on SSD.Could you tell me how to format of SSD?
Hello, New to the forums and Palo Alto, and I have a simple question. How do I pull a report for all websites a user has visited? Seems straight forward enough, but a user activity report is extremely lacking and to be perfectly honest I am not sure I am reporting all the traffic from a user. Some users are showing a few websites wh...
Works the User-ID XML API only with LDAP Agent or works too with AD Agent?We need to make a logof script to delete the entries of some users.
I have a PA-4060 and am monitoring via a TAP port my Internet connection and want to see how much traffic is being sent to the IPS engine hardware. I need to know this because I know the IPS functionally is 1/2 of the rated throughput of the firewall functionallity.I know about the following commands but I don't think this gives me what I want:...
I have some problems with user identification and I'm very confused about how it works.In the case that we use User-ID agent with AD. Is it the following process correct?1.A user makes a logon in PC-A , with his domain credentials.2.An event is created in Security log (ID 4768/4769/4770) "LOGON USER-A -> PC-A"3.User-ID agent check the securit...
I tried to download temaviewer (TeamViewer_Setup_it.exe) but the firewall pa500 blocked me like viruses Trojan/Win32.agent.ckovs what should I do?
Does PA support unix-style tracerouts. I have enabled ICMP and PING, but tracerouts from unix hosts through palo alto are still being denied. Looking at this a little bit further, we noticed that windows-style tracerouts use ICPMP echo requests and rely on ICMP destination unreachables ,messages, but unix-style tracerouts send UDP packets with h...
Is it possible to secure SSH with a public/private key or some other means. I have noticed an extremely high number of logon attempts, and want to block these as much as possible. I am sure I can lock it down to certain source IP addresses, but I would prefer to not go that route as we have roaming IT staff that use a variety of connection met...
Hi All,I heard that its possible to have a vsys with a different PAN-OS that the others, to do such things as test the PAN-OS upgrade out with rules, etc before applying it across the board to all.What I can't see in the appliance UI, is how to do this, if its in fact possible.Can anyone confirm, or deny, this can actually be done, and if so how.
Hi All,I'm trying to create a role based user, that is specific to a vsys. when creating a user when logged in as the superuser,I can't create a user, and select the RoleBased profile that is based on a vsys, as the ok button grey's out.Is there a step that i'm missing here?
Hi,We have a couple of Linux Samba servers that can only talk NTLM 0.12 dialect(this is from packet captures).If I am connecting to a Linux Samba share from the internal LAN my Win 7 client(that supports up to SMB 2.0) negotiates down to NTLM 0.12 and connects using cached credentials.If I am connecting to a Linux Samba share from client VPN, th...
Hi,I have an issue wen my co-worker try to download a file from php.net.I cannot find wich progam is called in my policies rules.The file is available at : http(s)://pecl.php.net/get/oci8-1.4.6.tgz and cannot download it.Thank you and sorry for my bad englishM.B
I have configured a couple of layer-3 subinterfaces on a aggregate, they are tagged as VLAN 700 and VLAN 800, in my cisco switch I have configured a trunk port that permits VLAN 700 and VLAN 800 to pass traffic across it. When plugged in, everything comes up just fine and I'm able to ping both interfaces etc etc.As soon as I add a native vlan ...
I want change from a selfsigned to a versign cert on my SSLVPN interface. How do I generate the CSR on the PAN. Is this supported in 4.05? or do I need to download OpenSSL?
| Subject | Likes |
|---|---|
| 4 Likes | |
| 2 Likes | |
| 2 Likes | |
| 1 Like | |
| 1 Like |
| User | Likes Count |
|---|---|
| 4 | |
| 3 | |
| 2 | |
| 2 | |
| 2 |

