Skip Proxy path for specific URL

Hi Friends,

I am using PA500 firewall and access internet using websense proxy server. There is some URL are frequently block in websense server even they are allowed in websense security server. My question is how can I confiugerd policy in firewall

URL Category in Security Policy only for http?

We unfortunately use a smtp server with fqdn. (cannot use fqdn object for certain reasons)

And we implemented a security policy with the url category in the "Service/URL Category" section of the security policy.

In the security policy, the application

Disable SIP ALG on non-standard port 10060

I have SIP ALG disabled and it's working fine for the default 5060 port, but my provider also uses port 10060 and I need to disable SIP ALG for this port as well. How can I do this?

Public VPN Bypass Firewall

Hi ,

    I have blocked some Applications (like youtube, facebook etc in PAN-OS9.0.0), But employees are still able to access these applications while using VPN (Like ibvpn, purevpn).

If anyone have solution please let me know, how to block that traff

Miner for IWF feed

Do you use Minemeld to integrate IWF (Internet Watch Foundation) to Palo Alto and can you share the miner config?

The list input from IWF json input w and will need to convert to  “URL List”. The feed also requies username/passward authenticaiton. 

GlobalProtect - SSO without Sign-in option

Hello Guys,

Is there a way to use GlobalProtect SSO without using the Windows sign-in option?

Thanks.

Best regards

PA-5220 high SWAP memory usage

Hi,

We have from time to time higher SWAP memory usage on 5520 box. 

Not sure if this would be critical or if I can just higher the treshold values in monitoring system.

On reference box the swap memory is 3%, but on this one 85%.

Reference PA-5520
---

Clientless VPN (Web) and SSO credentials

Dear Palo Alto Experts,

We have set-up a Clientless VPN webpage for certain users so that they can connect to an internal website from outside the company. 

When they logon to the VPN portal, with their Windows Credentials (Radius authenticaton), the

Using custom URL categories

Hi guys,

We're trying to stop users from accessing webpages featuring 'momo' content.

We've set up the below custom URL category and it only blocks Google searches for momo while in incognito mode, and still allows Google image and Youtube results. 

Block websites when using VPN

Some users started to use SoftEther VPN client on our company which allows them to bypass URL Filtering policy. How can we allow them to use VPN client but still allow or block access to certain websites. We already implemented SSL decryption rule bu

Palo Alto and Panorama integration/availibility question

Hi all,

I have some questions about integration between PA firewall and Panorama.

In my scenario, there's one cluster of PA devices and only one Panorama device.

The firewall policies were imported from the cluster into Panorama (Pre-Rules in the Devic

pre-stage changes in Panorama

Is there a good way to pre-stage changes using Panorama? Sometimes I have needs to make a rather complex set of changes in various areas, but I don't want to commit them to the firewall for days or even weeks. Is there a good way to handle this? I kn