General Topics

feature request: folder structure to policy list

I would like to be able to organize my policy's in folders to keep things orderly and neat see attached for example

Pan-agent how to set an agent as primary

Hi,

I installed about pan 12 agents to retrieve a Domain and they all communicate with a PAN.

The PAN OS is 3.1.5

As I saw in another post, only one agent send information (IP/user) to the PAN, it is the primary agent.

My problem: this agent does not sen

PAN 3.1.6 use of proxy for updates

Hello all,

After upgrading a PAN Device to PANOS 3.1.6, we see a strange behaviour, when the mananement plane is using a proxy for the updates (as defined in the Device->Setup->Edit).

We have defined a proxy over there, for example 10.0.0.4 and port 80

Get Incomplete on Palo Alto after NAT on CheckPoint

Hi everyone.

I need some help.

I I encoutered a problem with incomplete session during configuring a simple (as I thought) roule.

I have host inside my network and I want to configure the access from the internet. My configuration is: the first firewall

Can I have only one URL sub in an HA pair configuration?

Is it possible to have a HA pair of PAs where only one of the units has a license for URL Filtering?  If so, what happens when the units failover to the one without the URL license?

Thx

OCS or Lync support

Hi all,

did anyone have any experience or customer with PAN and OCS or new MS Lync 2010?

Does PAN have signature to recognize Lync traffic?

I already know that ms-ocs-video, audio, xfer are identified, but what abount Lync?

Thanks in advance

SSL VPN Login history

Is there any way to increase the retention of successfull logins to SSL? I would like to retain at least 2 months if possible.

Thanks,

D

Understanding Zone Protection

Hello all,

I recently configured Zone Protection for the external interface (untrust) on a PAN-2020 3.1.6 in a vwire setup.  Initially we have configured ZoneProtection to "Alert" only.

We have set the triggers for "Activate" and "Maximum" to a figure

Unable to Ping to Layer 3 interface

Hi , I have a Palo Alto 4020 . I have configured one of the interfaces as Layer 3 and also allowed Ping and telent on this interface . The IP given to this Layer 3 interface is 192.168.90.17 and its default gateway is the VLAN interface 192.168.90.1.

Application number discrepancy

I noticed a discrepancy in the number of Applications shown under Objects -> Applications.  At the top of the page it shows 1163 matching applications but, at the bottom right of the page it shows Displaying 1 - 40 of 1204. 

Could you please confirm

Ident Agent error

Hi.

I've noticed the following error in my PA logs this morning

12/07 09:30:54

However, I've checked the DC the agent is running on and it doesn't appear to have any error

Windows Remote Desktop Application Slow When Access Through PAN Firewall

Hi Guys,

I am experience some issue with the PA-500. I am having some slowness issue when users connect from remote site to HQ local server via remote desktop ( ms-rdp ) application and sometimes unable to connect or disconnected.

Policy rules are :  W

regarding url

recently it was found that recently that sudden url sites are not being filitered , like www.vtunnel.com  is  being blocked under the Proxy Avoid and Anonymizers but https:vtunnel.bz , org etc are  not blocked . how to block them .