URL filtering behavior when used in conjunction with web proxy

Hello guys,

I'll make it as short as possible. The summary of our system is below.

• Client PCs use must use an internal web proxy ("Proxy" in the diagram) when they want to access the internet.
• The internal web proxy then forwards the proxy connection t

how can I generate url logs for an allow rule with url category selected but not url filtering prof?

how can I generate url logs for an allow rule with url category selected but not url filtering prof?

Firewall receiving a HTTP 401 error when trying to access the Minemeld server

Hi All, 

I've configured an external dynamic access list with the relevant account username/password to reach our minemeld server. When I test the connection however using 'test source url' in the external dynamic list configuration, this fails wit

tacacs

Hi,

I am using tac_plus linux server . 

user = larry {

        login = PAM

        member = admin

}

The above  will support ? .As I know tacacs using pap or chap . In that case If can I use  login = file /etc /password Or PAM in the server side configur

6.1.3 update issue: Threat database handler failed

Hey all-

I tried updating a test box to 6.1.3 and encountered the error in the title. Per other threads, I tried manually downloading the latest content version and installing but it resulted in an error during install.

Has anyone else encountered thi

Panorama pushed zone not applied to subinterface

Its a new firewall, with 2 interfaces in AE, zone configured and pushed through panorama template.

When configuring L3 sub-interface for this AE interface, i can configure ip, vr but the security zone would not get applied to it.

Both firewall and pano

Mac taking very long time connecting to global protect gateway and sometime they gets dropped

Mac taking very long time connecting to global protect gateway. We are using the clinet version 4.1.11-9.
Pre-log on always on VPN.  It tries and tries until it connects. Sometimes it drops the VPN and tries to reconnect. All I see suspicious  from th

GlobalProtect RSA Authenticate integration

Has anyone done this?  I tried following this guide (RSA SECURID® ACCESS Implementation Guide Palo Alto Networks Next Gen Firewall 8.0), but it's not very good. 

Basically after I enter my username and password for the client I'd like to get a push n

Minemeld Crashing

Hello,

I'm have recently started to try to utilize a few different feeds and as such have been trying to get Minemeld to process the feeds. I'm using the MISP extensions as well as CIF and TAXII prototypes to pull in these feeds. I noticed though e

show objects registered-ip all

What does the below mean:

received from user-id agent  #: persistent

I'm finding that some addresses are registered to a tag that I don't believe I've created, - a "Palo-URL-and not entirely sure where it came from.... however I'm reading that a rest

Group mapping settings not listing AD groups in GUI

Hi, 

I am trying to configure user-id based authentication in Palo Alto 5220 (Pan OS 9.0.2). I have integrated Palo Alto with AD using LDAP profile. I am not able to add the AD groups in the "Group Include" list as they are not being listed in the GU

3rd Party device connectivity with PAN 10G transceivers.

Has anyone used the PAN-SFP-PLUS-CU-5M twinax cables and connected them to Cisco Nexus 5500 series switches?  If so did everything just work?