SSL VPN and other options for client VPN

I'm currently using a Watchguard firewall for our remote users to connect and authenticate using built in Windows (and Mac) VPN.

I have a Palo PA-500 in the Dev environment being configured to replace the Watchguard firewall, however we have come acro

Problem with the "get ldap tree" bouton in the user agent for AD

Hello,

The "get ldap tree" bouton does not display ldap tree of the AD on UIA 3.1.0 and 3.1.1. What can be the issue, and is it critical for the agent to function correctly?

At the same time, agent is able to get groups and mappings from AD.

Regards.

URL Filtering Profiles - Category/Action

I'm torn even asking this question, but it seems like it might be a nice feature but at the same time possibly misused. It might also be a support nightmare when people call saying they can't get to a URL.

Would you consider adding a "Block-No-Log" to

How to find objects and rules using CLI?

Hello,

I need to know if there is any method to make research based on ip adresses or groups to find out witch rules are using it on the cli. In other words, how can i use the cli to search policies in witch an ip adresse or a group of ip adresses is

Virtual Wire DMZ - Help Please

Hoping for some clarification on using Virtual Wire to inspect traffic to our DMZ please.

Right now the external interface of our PAN has a public IP of 1.2.3.1/24.

Its default gateway is another firewall in front of it, it's internal interface has a p

Unable to authenticate users on Captive Portal

Hi,

We have following issue with our setup:-

1: Captive Portal is set for entire network ( 192.168.1.0) and in Active Directory the group ( IT) is choosen which will be filtered or monitored. There are two users ( user1/user2) who are member of this gr

User Information in Firewall Database Cache

1: Captive Portal is set for entire network ( 192.168.1.0) and in Active Directory the group ( IT) is choosen which will be filtered or monitored. There are

two users ( user1/user2) who are member of this group.

Firewall Rule :
==============

1:  Trust

PA-4000 series and agg/dual links

Hi,

I'm looking to upgrade my company firewall (PA-2050) to one of the PA-4000 series to be the internet gateway for all our US sites.  Anyone here is using PA-4000 with aggregate links with Cisco switches?  I'm thinking to have aggregate links for bo

UIA / PAN Agent to Firewall Communication

Hello,

Looking at the User Identification with PAN-OS 2.1 Tech Note rev00E 03/09, I can read :

"The User Identification Agent must have IP connectivity to the firewall management interface.
This is true even if the firewall is managed by an inline, Laye

Why is UIA agent not aging-out entries?

Hello,

I'am using the UIA agent 3.1 with AD, and i noticed that the number of mappings is always growing. The netbios probings are disabled. I want to know how the 45 min age-out work, and under what condition it is re-initialised. Seeing the growth o

Safe search document

Hi, I am trying to download the attachment from here https://live.paloaltonetworks.com/docs/DOC-1399 and it is corrupt. I have tried this on a few different computers and it is always the same corruption. Is it possible to upload this file to the sup

Extract SSL-VPN Installer 1.1.0

Hello everybody,

is it possible to extract the PANInstaller.msi for the 1.1.0 Version,
like in the 1.0.2 Version.
We want to deploy the clients manually!

Kind regards
Christian