Always -on OTP

I have an interesting scenario where I have a firewall protecting an extremely sensitive server and some dedicated users accessing it through another zone. I ran into a situation where only couple of users need access to it when remote. I thought of

Panorama support license upgrade

Hello,

I am just trying to upgrade support license of Panorama VM from 100 devices to 1000 applying the Auth code received for PAN-SVC-BKLN-PRA-1K. It is failing with message "Failed to install licenses. An initial license cannot be applied for renewa

QoS on inter-vsys traffic

We have internet traffic and tunnels terminating on vsys1. While our servers are in vsys2. Traffic to internet or tunnels is passed through inter-vsys routing from vsys2.

Server X which earlier used to be in vsys1 and had qos applied for it tunnel tr

Inbound SSL Decryption

Hi,

I have two questions for folks

1) I have setup Inbound SSL decryption as outlined in the documentation  (Import Server Certificate, Create Decryption Policy, Create Decryption Profile), and expected that when I looked at my traffic log to the ser

Global Protect Override windows singin option windows 7 and 10

Hello Any one could help me?

After install the GP in all machine the user logon on windows need to provide doman/user and if not provid the computer try to authenticate on GP that is with another credential (user + toke+passoword) 

i don't have pre-

Who vets External Dynamic Lists (EDLs)

The Knowledge article on blocking TOR, https://live.paloaltonetworks.com/t5/Featured-Articles/How-to-Block-Tor-The-Onion-Router/ta-p/177648, references a list on panwdbl.appspot.com. This website has a number of lists that can be used to filter traff

Autofocus Minemeld Advantage vs wildfire?

My understanding is that wildfire autoupdates some URL categories within 5 minutes if you have the correct licensing.  With a current wildfire/URL filtering subscription, and without traps on our network, what is the real advantage to autofocus? My u

RSA AM and PA Configurations

Want to know if anyone has configured a PA to use the RSA Authentication Manager yet?  I have seen an RSA document from 2010 that states it can be done.

Guest Access via Captive Portal - problem with page not always appearing

I have set up a guest wifi network with an access point on an ethernet port of the PAN firewall.  The guest wifi network is unsecured.  I am using a web-form to ensure the guests see our logo, terms, and type in the correct password to proceed.

The se

Directory Sync Service Certificate

Hello All.  I set up the directory service for the first time yesterday.  Everything works, but I noticed the certificate I have to create is only valid for 3 months.  Do i have to renew it every 3 months?