Spotify and URL Filtering
Hello Spotify, besides being detected as a application, connects to certain URLs for information. What URLs are these? Id like to making a URL Filtering category so I can allow this traffic to pass. Thank you.
Hello Spotify, besides being detected as a application, connects to certain URLs for information. What URLs are these? Id like to making a URL Filtering category so I can allow this traffic to pass. Thank you.
URL filtering I keep seeing lots of clients for this URL: play.google.com/log?format=json&authuser=0 Anyone know what application can be causing this request from the client PC?
Hi, We are doing test in order to block the domains using EDL but its not working. We are doing test with this domain: unrealengine.comThis is the config: The domain is added to the EDL domain list: The antispyware profile is created with the list: The security rule is also created: But we can still access to the web: any idea?
Hello I want to know if the binaries wa_3rd_party_host_32.exe and wa_3rd_party_host_64.exe are essential for use in Globlal Protect, and what service of Global Protect are use these.I see this articule:https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000PNPRCA4&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FK...
For people who have many firewalls which have similar policy, what are good ways to manage these, say for example I want to add a particular rule from one zone to another, and the zones are identical across 80 firewalls. Am looking at using Device Group hierarchy but not sure of pitfalls or traps to avoid here.
I can't get to live.paloaltonetworks.com/t5/customer-resources/configure-palo-alto-networks-firewall-to-block-x-vpn/ta-p/270633 How to obtain access? (Or maybe someone can send me the article?
I cannot login to the web GUI, I receve error "Timed out while getting config lock. Please try again. ". I saw that it has to do with overloaded server managment plane so i tryed to restart it form CLI, ussing the comnad "debug software restart process management-server". The problem is that i get the same error in CLI "Server error : Timed out...
Hello, I am working on a Fortigate to PA migration and I am trying to wrap my head around the equivalent of a Fortigate VIP (we used VIPs to go from public IPs to inside web servers) on a PA. Would I just create addresses for everything and then do the "virtual" piece with a NAT policy?Thanks for any input,MJF
I want to lock down Internet access for some machines to just allow them to use Zoom, but using the App-ID means I have to allow SSL and STUN too and I don't want that as that opens up a ton of other sites, Anyone have any suggestions? Maybe a URL filter allowing just the *zoom.us domain?
Hi Team, I have three VPN connection for three isp network. We need to load balance the VPN connection when it reaches to a particular threshold for example 75% or 80% then the traffic need to shift to other tunnels. For example if one tunnels is being used by 5 or 10 users and someone downloads or uploads a content then according to the bandwid...
Hi All, Am going to bundle an existing layer3 interface (e1/1)with extra one (e1/2 ) to an ae1 interface. And then move the ip address from e1/1 to ae1. This is in a HA A/P configure, question is how to reduce the downtime to roughly 0?If it will impact existing sessions?As zone name not changed but ingress/egress interface, and PA sessions matc...
Hi Team Are there any documents or something to learn about Auto Assistance?
When setup U-turn NAT, can see SNAT part using an internal interface for DIPP. But in the scenario A/P FW has two downstream switches, ie. two internal interfaces, if need to setup 2 U-turn NAT policies . So that when the primary link down, can use the 2nd NAT(which using 2nd internal interface ip address as DIPP)? Please help.
Hello,How is the "Last Hit" metric for a security policy on the firewall generated? Would the timestamp be based on the session start time or the received time of the log? Intuitively I would think the former, but I am starting to think its the latter. Does anyone definitively how this works? Thanks
Hi,I can not join into a domain when the computer pass through PA.This is my scennario:PC - PaloAlto - Switch - DomainControllerThe PC and Domain controller are in the same Zone (trust) and I have a security rule: from zone trust, to zone trust, permit all.I can see a lot og kerberos v5 packet with bad checksum.Regards,
| Subject | Likes |
|---|---|
| 4 Likes | |
| 2 Likes | |
| 2 Likes | |
| 1 Like | |
| 1 Like |
| User | Likes Count |
|---|---|
| 4 | |
| 3 | |
| 2 | |
| 2 | |
| 2 |

