Does security management require alot of linux, unix and ubuntu knowledge and software?s
I would like to setup a new Miner to collect AWS Ips from the following http://docs.aws.amazon.com/general/latest/gr/aws-ip-ranges.html, using URL https://ip-ranges.amazonaws.com/ip-ranges.json. How would that be accomlished, I can't seem to locate a good example.
Hello everybody, recently I am facing a strange Problem with Global Protect. If I log into a Windows 7 Machine (64-bit) with an Administrator Account and enter Credentials of a NON-Administrative Account in Global Protect everything works just fine.But if I log into the Machine with a NON-Administrative Account and try to connect with a NON-Admi...
Hi All, Im trying to import a WildCard SSL to use for our Palo Alto GlobalProtect VPN. Im Having some trouble as this is my first time using SSL. I can import the WildCard but im not able to link it to its Root CA (GoDaddy). Do i have to have this signed by the CA before using it? We have also added an (A) hostname e.g. example.companyname.com.a...
DNS configured in GP settings: Primary DNS 10.250.1.1, secondary DNS 10.250.1.2 Access route: split tunnel- 10.250.0.0/16 allowed in GP. Once clients are connected to globalprotect, they are getting the above DNS settings. so the traffic going to internet also resolving in above Internal DNS server. Now i have the requirement for GP users, when ...
Hi, i have a PA200 for a testing purposes i want to enable clientless VPN access. Went to Device/licences and i see i do have a licence enabled.then going to Device/dynamic update i do have clientless software uploaded: but when i try to activate it by going to device/ssl vpn client i cannot see it. Looks to me i have it all there but... Do you...
Can anyone redirect to the lkink to donwload Panorama?..can';t see it under Software Updates in support account.
HelloThere is some problem concerning url filtering of Active Sync.we create url rule which must allow Active Sync but it doesnt work.we exclude this rule it is working.is there any particular configuration about Active Sync?
Hi All,I'm currently trying to set up an SSL VPN using the global protect client on a Palo Alto FW.I have:-- issue a self signed root CA and CA to the palo- set up VPN tunnel- created VPN zone- setup an authentication profile using RADIUS and directed it to our NPS server which currently policy to allow access to an AD group "VPN Users"which i a...
My response pages work when users attempt to browse to a blocked category but when the blocked item is buried within the page users just get a blank screen until the connection times out. Any ideas or suggestions would be greatly appreciated!Thanks!
I've setup a Zone Protection network profile and applied it to our DMZ zone. I changed the default for port scan on the Reconaissance Protection tab to 30 events in 3 seconds. TCP port scan is enabled, and the action is set to block-IP. I run a test by scanning a host in the DMZ, 10,000 ports in 166 sec. That's a rate of ~ 60 port / sec, and ...
Long time Palo user.We use the URL filtering add-on. Anyone know if Palo plans on making an extension for Chrome devices? Every other URL filter has this already, and we may have to move off Palo to get this functionality. Thanks.Dannon
Hi Guys, I am trying to replace a PA-3020 fierwall with a new Device (PA-850) could someone maybe give me some Hints with the best Practice?if the devices were of the same time it would have been pretty straigth-forward according to some docs released by PA.The old PA-3020 (HA) is managed by panorama so the new device would also be managed by th...
Hello, I'm deploying a GlobalProtect VPN and I'm facing a problem in the Authentication. I have both LDAP and Local authentication profile that are configured and I want to be able to connect with either an account in the Active Directory or the local database. The problem is in the Gateway configuration, in the Authentication tab, I put both of...
Hello Community, I´m having a strange behavior after configuring an IPSec tunnel, the situation is that I can ping a subnet trough the tunnel which hasn´t a proxy ID. This subnet has an entry in the virtual router and the tunnel interface points to it, there´s also asecurity policy which allows this traffic but as far as I know if this subnet ha...
