This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

About UhMayYeah

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
UhMayYeah
‎05-10-2024
since ‎02-22-2012
L5 Sessionator
User Activity
User Profile
Latest posts by UhMayYeah
View All
User Badges
Community Statistics
Member Since ‎02-22-2012 01:14 PM
Date Last Visited ‎05-10-2024 02:32 PM
Posts 440
Total Likes Received 254

Re: Can i block file by file name?

by in General Topics
‎08-25-2013 11:53 PM
1 Kudo
‎08-25-2013 11:53 PM
1 Kudo
At the moment, there is no direct method to block files using their names . Following workarounds can be used: 1> Create a Custom URL category using the source URL of the file and block this custom-url category. Eg : If you know the URLs where this file "hacker tutorial.pdf" could be downloaded from : Create a custom URL category and block this category using URL filtering profile. 2> Create custom application signature  for the URL path including the filename. P.S: "But please keep in mind that once you block the file by filename your users will normally try to change the filename to bypass the control which makes it useless." Ref https://live.paloaltonetworks.com/message/10273#10273 ... View more

Re: Can i block file by file name?

by in General Topics
‎08-25-2013 11:03 PM
‎08-25-2013 11:03 PM
Following article explains a way to achieve this  Can Files be Blocked by Name? ... View more

Re: One-to-One NAT - DMZ to inside - how do I make it work?

by in General Topics
‎08-25-2013 10:53 PM
‎08-25-2013 10:53 PM
Can you try to add a static route for 1.2.3.91/32 reachable through DMZ interface. Make sure the packets are being received on the firewall using traffic logs. P.S: Without addition of this  static-route ,NAT rule Outside to Outside should be able to translate these packets. Try refreshing arp table of the upstream router. >test arp gratuitous ip 1.2.3.91 interface <outside interface> ... View more

Re: Dynamic Block Lists and IP's

by in General Topics
‎08-24-2013 03:47 PM
1 Kudo
‎08-24-2013 03:47 PM
1 Kudo
The statement is TRUE only for malware URLs /IP addresses identified by the PA Threat Research Team. PAN-DB does not contain all the IPs associated with a URL. ... View more

Re: Maximum number of FW admin sessions

by in General Topics
‎08-20-2013 05:32 AM
‎08-20-2013 05:32 AM
There is currently no limit for admins to login concurrently.However, you may experience a performance impact with the more admins logged in.For example : If the host of admins  start generating reports,simultaneously , there could be some issues. But there should not be any issues configuring multiple admins as this is not limited by the Software. ... View more

Re: How to use Wildfire for Android APK

by in General Topics
‎08-20-2013 02:35 AM
‎08-20-2013 02:35 AM
Please confirm this information with your  SE on the availability of Wildfire for Android. ... View more

Re: Can a A/A Floating IP be set to the interface IP ?

by in General Topics
‎08-20-2013 01:16 AM
1 Kudo
‎08-20-2013 01:16 AM
1 Kudo
I was able to get this working using the interface address: admin@50-PA-5020(active-primary)> show interface logical | match 192.168 ethernet1/4         19    1    trust-L3         vr:default               0      192.168.50.1/23 admin@50-PA-5020(active-primary)> show high-availability virtual-address | match 192.168   192.168.50.1                            Active:yes    Type:floating admin@51-PA-5020(active-secondary)> show high-availability virtual-address | match 192.168   192.168.50.1                            Active:no     Type:floating IP-CONFIG Connection-specific DNS Suffix  . : IP Address. . . . . . . . . . . . : 192.168.50.206 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.50.1 Results: Reply from 192.168.50.1: bytes=32 time<1ms TTL=64 Reply from 192.168.50.1: bytes=32 time<1ms TTL=64 Pinging 4.2.2.2 with 32 bytes of data: Reply from 4.2.2.2: bytes=32 time=25ms TTL=57 ... View more

Re: Log entry: DHCP server auto-probe finished

by in General Topics
‎08-20-2013 01:04 AM
‎08-20-2013 01:04 AM
This information was not posted earlier  ,I will post this as a knowledge base article. Regards, AK ... View more

Re: Log entry: DHCP server auto-probe finished

by in General Topics
‎08-20-2013 12:19 AM
‎08-20-2013 12:19 AM
Palo Alto Networks firewalls have been designed to perform an Auto-Probe/Auto-Discovery when a DHCP server is configured in auto mode. The auto-probing detects existing DHCP servers in the same subnet. When another DHCP server is detected in the subnet, the firewall will shut down DHCP services and the other DHCP would gain/retain control. Note: Auto-Probing cannot be turned-off and should not be mistaken for the "probe-ip" feature. When the DHCP server in auto mode on the Palo Alto Networks firewall stops working due to the discovery of another DHCP server, the  following message will appear in the System Log : DHCP server auto-probe finished, turn off DHCP server since received offer from server 255.255.255.255 interface <DHCP Server Interface> ... View more

Re: SNMP v3 with DES

by in General Topics
‎08-19-2013 03:45 PM
1 Kudo
‎08-19-2013 03:45 PM
1 Kudo
Please refer :https://live.paloaltonetworks.com/docs/DOC-3322 DES is not supported . ... View more

Re: GlobalProtect Portal konfig update on Windows

by in General Topics
‎08-19-2013 12:08 PM
1 Kudo
‎08-19-2013 12:08 PM
1 Kudo
I suggest deleting the GP PanPortalCfg.DAT file located (by default) at the following path. C:\Users\<Windows User>. This will force the GP Windows Agent to download the Altered config from the Portal rather than using GP config from the Local cache,when a User attempts to connect back  to the Portal after disconnection. ... View more

Re: Threat search by name

by in General Topics
‎08-19-2013 03:59 AM
‎08-19-2013 03:59 AM
Currently  it is not possible to use Threat name as a filter  in Threat logs ,you can alternatively just choose the Threat Id from the Available columns in the Threat logs as shown in the Snapshot. Threats details can also be searched from the Threat Vault. https://threatvault.paloaltonetworks.com/ ... View more

Re: Threat search by name

by in General Topics
‎08-19-2013 03:55 AM
1 Kudo
‎08-19-2013 03:55 AM
1 Kudo
I tried answering this question in following Post : https://live.paloaltonetworks.com/message/26428#26428 ... View more

Re: Questioning about agentless user-id.

by in General Topics
‎08-19-2013 02:20 AM
3 Kudos
‎08-19-2013 02:20 AM
3 Kudos
1. How much user-id be supported by agent-less user-id? I guess that 64K user-id and 640 user-group would be supported on all of PAN model. right? Right 2. When using user-id collector, How much user-id and user-group be supported by agent-less user-id for receiving all of user-id and user-group from other FWs? 64K user-id and 640 user-group be supported? Right 3. How many domain and DC be supported on user-id collector environment? Only 20 DC and 8 Different Domains be supported? Approximate Numbers: Agentless: Small/Medium-sized Deployments and  LAB Environments Monitoring up to 20 Domain controllers and/or Exchange servers. User-ID Agent : Large Deployments Monitoring up 100 Domain controllers and/or Exchange servers 4. When Using User-ID Collector would support so many user-id, user-group Is it makes a problem of performance for MGMT of FWs? Using the User-ID feature to its max capacity would increase the MP CPU but should not affect the Managment Access to the FW. 5. I know that command "show user ip-user-mapping all" would show mapping user for DataPlane and "show user ip-user-mapping-mp all" would show mapping user for Management Plane? What's different for both of the command? When should I check for user-mapping for MP or DP? DP reads User ID info from MP ,so while debugging User-ID related issues start with MP related command  (show user ip-user-mapping-mp all). ... View more

Re: Is it possible to see what is the amount of BW is utilized by non-business traffic?

by in General Topics
‎08-14-2013 04:28 AM
1 Kudo
‎08-14-2013 04:28 AM
1 Kudo
Few Options: 1>Enable QOS default profile on the interface to get realtime B/W usage. 2>Using ACC which gives a good estimation of Bytes Consumed over certain duration eg Last 15 mins. 3> Using SNMP and Cacti Templates: https://live.paloaltonetworks.com/thread/4367?tstart=0 ... View more
Register or Sign-in
Contact Me
Online Status
Offline
Date Last Visited
‎05-10-2024 02:32 PM
Latest Tags
No tags yet
Likes Given To
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks