If I create a custom app-id for an application we use, will it no longer match the "unknown-udp" (which we block)? Or do I need to do an application override as well?
I'm running Global Protect on my Macbook. I have the gateway configured to accept cookie and set to 24 hours.
For troubleshooting purposes I'm trying to figure out how to clear my cookie on my Macbook so it does not automatically connect.
Why would a rule with app-id of skype show up in logs as ms-lync when Lync is not part of rule
Im having issues with our internet connection. We have dual internet connection. For 2-5 seconds our internet will be disconnected for both ISP. This only happens when we upgraded to PAN-0S 8.0.1 from PAN-0S 7.1.6. Do I need to downgrade?
I have a PA-3020 with fairly typcial config with a L3 untrusted interface and several trusted sub interfaces. I have a couple questions.
Prior to this, I was doing my intravlan routing on my core HP2920 switch. My 192.168.123.0/24 network is the nat
...
Hello,
I have two Palo Alto Firewalls, each running different software version, 7.1.5 and 7.0.7.
Both firewalls connected to the same User-ID agent server. The User-ID agent version is 7.0.5-3
I am planning to upgrade one of the firewall from 7.1.5 to
...
Hello,
When the Enforce GlobalProtect Connection for Network Access feature is enabled, we can define a Gaceperiod to allow users to temporary connect through a captive portal ( hotel proxy...)
Maximum timeout, i can see is 3600 seconds (1 hour)...
W
...
Full disclosure: up until now, I've had zero practical experience with GlobalProtect. I've only worked with Pulse, Cisco and OpenVPN.
I just deployed a 220 yesterday with 8.0.1 and am having a heck of a time getting GlobalProtect to work in either sc
Hi everyone,
I found the issue the response page not display when the client acccess ssl websites and using a web proxy via explicit mode.
I already enabled policy decryption for all ssl websites.
On a browser will display "page not found!" or "This si
...
Dear Team ,
i am using PA 5020 BOX With PAN OS 7.1.5 when i am configure the SSL Inspection Inbound and create the Decrypt policy on the firewall so i am getting this error , could you please share the solutions to fix this error and share the config
...
Hi All,
I have an issue with getting my PA to work in conjunction with Google Apps ( or G Suite) as it is now known. A little about the enviroment:
Two group of users:
Group 1
SSL decryption enabled
Safe Search disabled
Allowed to approve videos in YouT
Hi there,
This may seem like a stupid question, but we are switching ISP and they have given us a static IP because we use VPN etc. I'm configuring a PA200 and for the life of me cant figure out how to add the ISP gateway. Ive added the IP address an
...
I work on a Vista machine and after using it succesfully for a long time, I had a problem with my GlobalProtect (it did not connect). I read somewhere it might help to uninstall it and then re-installing again, which I did. The uninstall was succesfu
...
Hello ocmmunity,
Do you know if it is possible to do this in the firewall ?
Name: NAT 1
Source Zone: INTERNET
Destination Zone: INTERNET
Source Address: IP_Public
Destination Address: 1.1.1.1
Service: icmp, tcp/5551, tcp/22, tcp/4443, udp/500, udp/4500
Des
I have a Bundle 2 in trail at the moment as a POC. At first glance, the interface is overwhelming, so navigating it is cumbersome at first. What I am trying to accomplish is a viable replacement for Ironport WSA. I have a Bluecoat POC in place and
...
BPry
on:
PCNSE certification, how to get an online training fully covering all the possible questions
reaper
on:
What does ch mean in PA-VM-OS Software?
