Netscreen to paloalto Policy converstion
Hi, Any one I need some tips on how to migrate 600 some policies from netscreen to palolalto. Thanks,Raj
Hi, Any one I need some tips on how to migrate 600 some policies from netscreen to palolalto. Thanks,Raj
Hi Guys and GalsI see there is already multiple threads about mis-classification on URL categories! I am now pleading with Palo Alto to address this issue with BrightCloud!To reduce the none business related websites we started blocking the "society" category..... Now we are being flooded with incidents where busines related sites are being blo...
Have a security consultant that is trying to connect to our PAN SSL-VPN and thinks there is a bug and wanted me to report it. He was using NetConnect SSL VPN client 1.3.1 with win7 and IE9. They could not get connected and got the following error; java.net.MalformedURLException: unknown protocol: socket I found the following URL while doing a s...
Hi All,Does anyone have any indicative figures of the amount of data that flows from a PAN apppliance to Panorama?Say a 4050 running at a consistant 50%, and logging everything = xMB/day of logs?I'm trying to calculate what will be required to have Panorama remote to the actual appliances themselves
Under security rules does service refer to source port or destination port and what is the best way to define both source port and destination port in a rule on version 3.1.6
Hi to all,We've two PaloAlto firewalls PA-2020 with 3.1.6 software image version and HA licensed.Both have active gold maintenance support. Last week we tried to update to the last version 4.0.4 and the upgrade process failed.Step 1We started with the first firewall downloading the image base 4.0.1 version and all was ok. We didn't install becau...
I'm hoping I'm missing something obvious here...is there a good way to support SSL-VPN access for different types of users who require different access and use different authentication schemes?I am trying to setup multiple SSL-VPN tunnel configurations for different types of users. Initially, I was hoping to use a single SSL-VPN configuration a...
Hi all.I have 3 questions about SSLVPN session time-out.1. MAXIMUM LIFE-TIME of SSLVPN session?2. What are the default values of Login life-time and Inactivity logout if it isn't set.3. The meaning of "Logout/Expiration" and "TTL" come out by "show ssl-vpn current-user.Thanks.
We are tested PAN 500 NFR in our lab . Did a search for youtube proxy on google and picked the first listed . Used them and bypassed the PAN box and was able to get to facebook and yahoo mail . I couldn't get to these sites through my browser directly . I am sure there are others, people can also use . I thought PAN prevented such circumventio...
HiHave a PA 500 set up for split tunnelling - so clients access internet locally and all other traffic is passed over VPN tunnel to our officeI have DHCP set up on PA box so clients get primary DNS server (local ISP one) and secondary DNS (office one)I have set up a rule from trust to untrust to allow application DNS and service DNS however i am...
Hi, since the apps-threat update 261-1092 some FTP-SSL sites stop working with a timeout error.Iñaki
We are using Capitive Portal for students on our campus. All students' devices including gaming devices get DHCP from a PA2050 and these IP ranges require CP. XBox seems to get DHCP and tries to connect to XBox Live servers, but fails. We don't see the CP login page. 1. If Xbox gets the same IP range that require CP, is it possible to have a pol...
So interesting issue don't know if others have the same issue. Email reports that are generated in the firewall and sent via email on schedule. When I view the PDF on the iPad (newest version of iOS) there is no text in the report it only has the graphs and all text is missing. I have opened e PDF in the native viewer as well as good reader ar...
Hi there,we use the pan-agent installed on a DC to read out the users of some AD groups. Works fine so far. The only problem we got is, that if a user is removed from an AD group, I will always have to run the "clear uid-gids-cache" command on the device to get the user removed from the PAN cache.The pan-agent doenst show the removed user any mo...
We have installed a Comodo wildcard cert on our 2050 for use with the SSL-VPN and Captive Portal. IE and Chrome are fine, but Firefox always says the it can't verify the authenticity of the cert. I remember reading in another post that someone had to chain the intermediate and root certs together and import them into their PAN, but have no ide...
| Subject | Likes |
|---|---|
| 4 Likes | |
| 3 Likes | |
| 2 Likes | |
| 2 Likes | |
| 1 Like |
| User | Likes Count |
|---|---|
| 7 | |
| 5 | |
| 3 | |
| 3 | |
| 3 |

