What Happens to FQDNs in a Security Policy when DNS Time-to-Live Expires and Device Cannot Reach DNS

 What will happen in that case when DNS server becomes unreachable ?

Would destination server be unreachable ? 

Possible solution if DNS server gets unreachable.

All traffic through LSVPN (or LSVPN route metric)

I want all satellites to route all traffic through VPN tunnel when it's available. In GP gateway if I leave Access Routes emtpy or if I publish 0.0.0.0/0 to the satellite I get the default route with metric 100 on the atellite. But that means the sta

Policy Optimizer Apps

Is it possible to add the apps seen by the policy optimizer to an application group already created? I feel like this should be easy, but I can't seem to be able to do it. It appears you can create new app groups but cant add to current? Am I missing

least privilegews needed for the auto backup admin account

I have a SNMP server doing a backup regularly of my firewall's configuration.
At present, I have super-user permissions on that account. What are the least privileges needed for this type of account? also, any best practice to protect the access?
thank

URL filtering behavior when used in conjunction with web proxy

Hello guys,

I'll make it as short as possible. The summary of our system is below.

• Client PCs use must use an internal web proxy ("Proxy" in the diagram) when they want to access the internet.
• The internal web proxy then forwards the proxy connection t

how can I generate url logs for an allow rule with url category selected but not url filtering prof?

how can I generate url logs for an allow rule with url category selected but not url filtering prof?

Firewall receiving a HTTP 401 error when trying to access the Minemeld server

Hi All, 

I've configured an external dynamic access list with the relevant account username/password to reach our minemeld server. When I test the connection however using 'test source url' in the external dynamic list configuration, this fails wit

tacacs

Hi,

I am using tac_plus linux server . 

user = larry {

        login = PAM

        member = admin

}

The above  will support ? .As I know tacacs using pap or chap . In that case If can I use  login = file /etc /password Or PAM in the server side configur

6.1.3 update issue: Threat database handler failed

Hey all-

I tried updating a test box to 6.1.3 and encountered the error in the title. Per other threads, I tried manually downloading the latest content version and installing but it resulted in an error during install.

Has anyone else encountered thi