How to limit HTTP download in web browser?

Hi All,

Can anyone kindly guide me on how to limit HTTP download using QoS?

My customer requirement :

1.Limit any file download speed for web browser application at 500kbps. Example : www.microsoft.com,www.download.com & etc.

2.The web surfing speed stil

NAT/Can a subnet span multiple interfaces?

We currently have our PAN configured with a simple 2 NIC L3 setup, the internal NIC is on a private IP, the external NIC is on a public IP on a /24.

We have a bunch of  public facing websites that are currently outside of the PAN on a server that is c

Terminal Services for Windows Server 2008

Our current setup for terminal services for Windows Server 2008 is setup through our ISA 2004 firewall. We plan to move to the PA-500 and and the Terminal Services Agent only works for Windows Server 2003, is there anything we can do to fix this?

Zone Protection Severity Levels

What are the severity levels that get logged to the Threat Log for the Zone Protection Profile Flood Protection, Reconnaissance detection, & Packet-based attack protection attacks?

Button for "Dynamic URL Filtering" is not there

The checkbox for "Dynamic URL Filtering" is supposed to be in the URL Filtering security profile.

I have a PA-4020 that does not show it. It's running 3.0.6.

I also have a PA-2050 which is running v3.0.5 and it does have the checkbox. Did the checkbox

Using two different Radius at the same time?

In service route configuration one can define which interface should be used by the managementplane to reach the Radius server which you will use.

However Radius can be used both for admin-logins aswell as captive portal (user-logins).

Is it possible t

How do one completely drop packets for a specific url or url-category?

When setting up an url-filtering you can choose from the following actions:

Allow

Block

Continue

Override

Alert

The downside with block (like when blocking the category web-advertisements) is that the content is exchanged into the response page for blocked

PAN agent to captive-portal fallback

It's possible to configure a fallback to a web form (captive portal) if a user is unkown without specifing a source ip adress in the captive portal policy? In our DHCP network we a mix of AD connected user and not AD connected. If yes how ?

Best regar

Threats log for denied packets

Dear all,

I currently have a generic rule which blocks netbios-like traffic to and from internet with a simple deny. As this traffic is very likely to be malware generated (at least in my context) I have enabled a simple alert-only antivirus profile o

How to verify data plan resource information

As far as I know , the "Resource Information" field on PANOS is control plan resource information.

How can I to verify data plan resource information on GUI or CLI .

x-forwarded-for and User Identificaton

We have configured x-forwarded-for flagging along with the User Identification.

Traffic logs from a tap upstream of a (squid) proxy carry the x-forwarded-for flag, but the IP is not resolved to a user.

Is this expected behaviour? (i.e. is ip-to-user tr