Blocking all files upload

Hi, 

Anyone has ever figured out how to block any inside hosts to upload any kind of file outside, but still allowing web browsing? The file blocking option support only specific type of files... and the APP-ID database doesn't have any king of basic

Two GP users have a client that is looping fast (prior to connecting)

Hello all,

We have two users across the pond that have an issue with their client attempting to start and then repeatedly starting multiple instances (task bar will show several GP icons as they come and go).

We did a deep-clean, reinstalled fresh, di

Access rule is being used even though the destination server is not mentioned in the rule.

Under traffic logs we are seeing communication is being allowed through an access rule which does not have a match for destination server. There is  security profile attached to the rule. Can someone please explain this behavior of PA.

Fan Alarm

Hello,

I have an issue with PA-5220 FAN  the LED indicator is red.

when I check the system environmental logs below is the result:-

Do I need to change the FAN or any troubleshooting steps for this?

community version of MineMeld.

I am new to MineMeld time and the first day.   I have only download and install MineMeld on a VM and configured it successfully. I don't know what AutoFocus is, so I don't think I am using it. so I am using the community version of MindMeld. 

In foll

Looks like eu.wildfire.paloaltonetworks.com has expired today

Getting alerts for eu.wildfire.paloaltonetworks.com having an expired SSL certificate

Looks like it is a wildcard for *.wildfire.paloaltonetworks.com from Godaddy, can someone in support replace it?

GlobalProtect with machine cert

Hi,

I'm having a challenge with GlobalProtect when trying to do ldap authentication with a machine cert (from internal MS pki).  I've tried both the computer and workstation authentication template, but neither worked.  GlobalProtect states certificat

Panorama M-100 Hardware vs installing in ESXi

Hey Everyone,

My company is looking at implementing Panorama to update and monitor the other firewalls we have at other locations.  Does anyone recommend the Hardware like the M-100 over just installing it on a server using ESXi?  

Thank you!

2X of PA820 Active/ Passive Design question

Hi All

After some advice, planning to have 2 X PA820 pairs of Active/ Passives, Inner and outer firewalls protecting some internal networks.

See the diagram, Does the HA2 link pass data plane traffic at all?  Or can it?

There could be a scenario that

Global Protect Policy enforcement

Hi All ,

I have an issue

Is there a way to use Global Protect to  enforce web or URL  filtering policies when users are not on the corporate LAN ?  for now, when users work remotely , they bypass all web and  URL filtering and security policies and d

How to return to panorama template after override enabled on firewall

Someone override a Template config section on firewall. What's the best strategy to remove override and go back to panorama pushed config...

Remove HA config from template of managed firewall pair

Hi,

i have a pair of active-standby firewalls, managed by Panorama. My first attempt, when i imported those to panorama, i pushed one template to both firewalls and had issue with HA IPs, causing split brain.

I recovered the firewalls and later importe