Hi I think it is impossible but am wondering about that.for example.www.naver.com:8080/aaa/* (within port number on URL)is above is possible on url filter of PA?Thanks.Regards.Roh.
Hello all. I have a couple of questions about Global Protection feature. 1. If I configured Global Protection for external users, is it possible to block for network access for specific user who doesn't has latest patch or latest anti-virus? 2. if it is possible, can i configure redirection to warning msg for those specific user? 3. Does glo...
I am trying to setup outlook web access (Exchange 2010) for my network.Here is what I have done thus far:Object -> Addresses: Setup the internal address of the exchange server.Policy -> Security: Created a rule with the following data (Name: owa - Source Zone: untrusted - Address/User: any - Dest Zone: trusted - Dest Address: OWA - Dest Ap...
Hiwe have a profile set up for critical events - there seems to be a TO and CC field but anyone know how to add a 3rd address?thanksSue
Hi All,So title says it all. I have a client with twin 4050's running in an active-passive cluster, that we have recently enabledURL filtering on.Annoyingly, there is no sync that we can see between the active and passive for the URL database, from initial activation,through to the dynamic updates.We have to bounce the pair to bring the passive ...
I have talked about this setup before but I am having issues getting it to work in the lab. I would like to position the PAN "inline" between two cisco switches that are connected via a trunked interface with specific allowed vlans. I would like to break it up and apply policies based on the tagged vlans across the trunk. So far I have configure...
I have a customer that is using RPVST+ on the core of their network for redundant Layer 2 connections to their servers. Using spanning tree link costs they load balance the trunked connections to their core switch. They have asked if it were possible to implement the PAN on one of those two trunked connections via Layer 2 subinterfaces and keep ...
How I can extract the entire database of PA2020? I need to generate other reports with another system, please help! ps: and try it with the command "export log-file tftp *" does not give me what I need, I'm only one month of the five I have, the disk used for logs measured 124GB, eExcuse my translation error Regards Arturo Vazquez
I'm working on developing my rule base prepping for implementation. I'm noticing that alot of my inbound rules, ie:Where the destination in an address object with my internal IP. Now of course I have NAT rules to statically NAT the traffic inbound and outbound. Outbound (handled by another rule), the log shows the internal IP address as the s...
Hello, We have two PAN-2020 appliance running with 4.0.5 and setup for active/standby HA. We would like to change our HA setup to active/active instead of active/standby. In our existing setup we have two interfaces configured for virtual wire and one is setup as layer 3 interface for captive portal. If we change the active/standby setup to acti...
Hello all.quick question.during the demo(TAP mode), customer want to map IP to user id.in the TAP mode, can I integrate w/ LDAP to retrive the user id?in the doc-1445. transparent authentication only support AD. and interactive authentication can support LDAP, RAIDUS and local db.on in my customer's case, the only available option is using AD?...
YES, you read it right! DIAL-UP speeds! Unfortunantly we have some users that have old 1x and iDEN air cards that are probably slower than some Dial-Up speeds. It is what it is I suppose. Our old IPSEC vpn (Check Point) client really didn't complain about it much, it was slow but still connected. We are moving our users over to the Palo Alt...
We are using the UserID agents on our servers for ID and groups. Users that login via our AD domain on bound machines are correctly identified and we can apply policies based on group membership. That all works very nicely. We just put captive portal in place that uses Kerberos for authentication against AD. Users are authenticated, but poli...
Hi - we use Panorama and 4050s all running 4.0.5. We have a lot of rules on this firewall for one reason or another (it's a port from Checkpoint of an internal datacentre firewall where there are lots of non-web applications etc). Anyway, I can find rules in the policy GUI fine - but what I'd like to be able to do is locate a specific rule quick...
Hi all,user - better: usergroups - identification is a major point in our evaluation of the PAN-Firewall.Now when trying to install "PanAgent-3.1.2" on my windows7 laptop the software itself is installed, but theservice failes: "Error Installing Service" when trying to execute PanAgentServices.exe(Of course using administrator-rights)Is this a k...
| Subject | Likes |
|---|---|
| 2 Likes | |
| 2 Likes | |
| 2 Likes | |
| 2 Likes | |
| 2 Likes |
