Guide to FTPS?

One of our partners is switching it's service to FTPS,

Does anyone know of a decent guide on implementing FTPS? I saw a brife article by "sdurga" but it's not very detailed.

We don't presently do any SSL decryption so unsure of what we need to do and

TRAPS Logs 4.1.2 to panorama 8.0

Hello, I have tried push logs to panorama by KB link but I have still same error message "Connection to pan.xxx.xx:23001 failed.
I am using TCP 23001 without SSL
Do someone have same problem?

https://www.paloaltonetworks.com/documentation/41/endpoint/e

How to limit global protect for specific android/ios users?

I have an interesting scenario. We have windows users accessing global protect. I am looking to buy gateway license to enable a set of users(10) out of 400 users to use android/iphone to connect to vpn. We  have IBM MaaS360 MDM installed on phone to

Tunnel Monitor

Hi Members

While setting up the Tunnel monitor, what would the destination IP on the ipsec tunnel. Is it the IP of the peer? and where does the alert gets generated, within the PA system logs?

Regards,

How can I get user to type username, password and OTP when using RSA Radius 8,1 on Global Protect ?

Hi,

How can I get user to type username, password and OTP when using RSA Radius 8,1 on Global Protect ?

Portal = Radius (RSA) passes -> LDAP check

Thanks

After upgrading to 8.1.1 VPN always on pre-logon->user-logon failings

Wondering if anyone else has seen this?

We upgraded to 8.1.1 from 8.0.8 this morning and immediately had users reporting their VPN client prompting for credientials over and over again forever. The firewall says invalid username/password hwoever we c

Anyone use "Expired Active Directory Password Change for Remote Users" in PAN version 8.1 and GP Ver

Hi,

Anyone use "Expired Active Directory Password Change for Remote Users" in PAN version 8.1 and GP Version 4.1?

https://www.paloaltonetworks.com/documentation/41/globalprotect/globalprotect-app-new-features/new-features-released-in-gp-agent-4_1/expir

UDP log that hit any deny rule and show allow

Hello, i have a question about UDP session

rule 34

untrust any

trust any

app icmp, traceroute, ping

service any

action allow

rule 214

any any deny

you can see allow log hit rule 214

i found similar case about tcp.

https://live.paloaltonetworks.com/t5/Manag

Moving a Layer Two Switch between FW pair and Edge Router from ISP Issue

We are attempting to move a pair of VCP'd layer 2 switches between our ISP's CIENA and our PA 5220 pair.  Our ISP is only giving us a single handoff so we were attempting to plug the handoff into the layer 2 switches (nexus 9ks with VCP) on a access

Master key and HA 1 ip address

Is it possible to push master key and ip address of HA 1 from Panorama to managed firewalls? Or it must be created locally on firewalls?

World Cup 2018

Anyone have a custom APP-ID to block world cup 2018? or is palo going to release one?