About HULK

Hello Clint, As J.liu said, you need to configure a custom application signature to identify traffic on port 3260. Secondly, need a security policy in place  from specific zones to allow that traffic. Hope this helps. Thanks ... View more

A reference DOC for this : Incomplete, Insufficient data and Not-applicable in the application field Thanks ... View more

Hello Camagate, Could you please share IP addressing scheme and NAT details for above mentioned diagram, for more clarity. Thanks ... View more

Hello Satish, I hope the AD server is connected through the management interface. Hence, you need to capture packet on the management interface. It is not necessary to bring the firewall in Active state, in order to capture packet, you can capture in Passive FW as well. Reference DOC: tcpdump Hope this helps. Thanks ... View more

Hello ITsama, That's the problem... the application will not be able to identify until you decrypt it.  You must decrypt it in order to see what is inside. Hence, the "application" option is invalid in a Decryption policy. Thanks ... View more

You are welcome ... View more

Yes, you are correct. PAN does not have an ability to send email alerts only for VPN down messages, but it will send email alerts for all SYSTEM logs with critical/High severity. NOTE: If you think, there should be a way to achieve this, it's best you reach out to your SE or sales contact. If there are features we currently don't have but you would like to see added they can create a feature request for you. Hope this helps. Thanks ... View more

Hello Infotech, I hope this is the exact info, you are looking for: How To Alert on IPSec Tunnel Down? Thanks ... View more

Hello ITSama, Just for your reference, some applications are not playing well with SSL decryption. Here is the list of applications, that should be excluded from the decryption policy due their nature of operation: List of Applications Excluded from SSL Decryption Thanks ... View more

A related discussion thread for your reference: Blocking Spotify P2P function Thanks ... View more

Hello Matt, It looks good to me. Since, traffic traversing through PAN firewall twice, we may need to perform a source NAT for this traffic at HQ core switch. A source NAT with ensuring the symmetric return of the traffic through the HQ core switch. As per my understanding, your traffic is flowing like above mentioned diagram. The green line is for return traffic from internet. So, only a source NAT in your HQ core switch can ensure the return traffic to go back to HQ core through content filter. Otherwise, if you perform NAT on PAN firewall, return traffic will not travese through HQ core and content filter, since PAN firewall will identify the direct route to reach remote user's subnet through VPN tunnel. Hope this helps. Thanks ... View more

Hello Satish, It's not about the configuration, but LDAP credentials. Could you please try to re-enter credentials one more time on the passive node. Thanks ... View more