Get Incomplete on Palo Alto after NAT on CheckPoint

Hi everyone.

I need some help.

I I encoutered a problem with incomplete session during configuring a simple (as I thought) roule.

I have host inside my network and I want to configure the access from the internet. My configuration is: the first firewall

Can I have only one URL sub in an HA pair configuration?

Is it possible to have a HA pair of PAs where only one of the units has a license for URL Filtering?  If so, what happens when the units failover to the one without the URL license?

Thx

OCS or Lync support

Hi all,

did anyone have any experience or customer with PAN and OCS or new MS Lync 2010?

Does PAN have signature to recognize Lync traffic?

I already know that ms-ocs-video, audio, xfer are identified, but what abount Lync?

Thanks in advance

SSL VPN Login history

Is there any way to increase the retention of successfull logins to SSL? I would like to retain at least 2 months if possible.

Thanks,

D

Understanding Zone Protection

Hello all,

I recently configured Zone Protection for the external interface (untrust) on a PAN-2020 3.1.6 in a vwire setup.  Initially we have configured ZoneProtection to "Alert" only.

We have set the triggers for "Activate" and "Maximum" to a figure

Unable to Ping to Layer 3 interface

Hi , I have a Palo Alto 4020 . I have configured one of the interfaces as Layer 3 and also allowed Ping and telent on this interface . The IP given to this Layer 3 interface is 192.168.90.17 and its default gateway is the VLAN interface 192.168.90.1.

Application number discrepancy

I noticed a discrepancy in the number of Applications shown under Objects -> Applications.  At the top of the page it shows 1163 matching applications but, at the bottom right of the page it shows Displaying 1 - 40 of 1204. 

Could you please confirm

Ident Agent error

Hi.

I've noticed the following error in my PA logs this morning

12/07 09:30:54

However, I've checked the DC the agent is running on and it doesn't appear to have any error

Windows Remote Desktop Application Slow When Access Through PAN Firewall

Hi Guys,

I am experience some issue with the PA-500. I am having some slowness issue when users connect from remote site to HQ local server via remote desktop ( ms-rdp ) application and sometimes unable to connect or disconnected.

Policy rules are :  W

regarding url

recently it was found that recently that sudden url sites are not being filitered , like www.vtunnel.com  is  being blocked under the Proxy Avoid and Anonymizers but https:vtunnel.bz , org etc are  not blocked . how to block them .

PA-2050 connected to Cisco 4000-series switch

Hello,

We had a problem when we connected PA-2050 appliance (PanOS 3.x) to Cisco 4000-series switch. There was simply about 30% packet loss in traffic and it wasn't usable. Then we just put some dummy switch between PA and Cisco and everything works f

strange arp behaiviour

I configured PA to use my outside interface (192.168.128.61) for update checking (not management interface), after it I noticed strange arp behaiviour from PA:

00:14:40.540937 arp who-has 67.192.236.252 tell 192.168.128.61

PA tries to locate update ser