About _slv_

Are You sure? It's impossible to commit with aplication=any service=app-default. ... View more

I have another question for You - related to this problem. In dayly report I got: Why they are blocked? I'm not using URL filtering in this security policy. How to troubleshoot it? Regards Slawek ... View more

Hi As you sugested I changed settings in policy, now it's any/any as an aplication and services. Report made from yesterdays logs says: As You can see there is a lot of unwanted aplications, I'd like to let them working: - web-browsing - flash - ssl - web-crawler - ssh - ftp - ping Rest of applications are unwanted for me. How I should reconfigure my security policy? Should I put this applicatios into apps and create my own services: web-browsing (tcp/80, tcp/443) webdav (tcp/443, tcp/80) ssh (tcp/22) ftp (tcp/21, what about data stream?) ping (icmp) and put them into services? Help me please to properly configure my device With Regards Slawek ... View more

Hi Gafrol Could You explain me why I should use service ports insted of aplications. For me it's strange, ie: on port 80 we have more than 2000 aplications. I'm using aplication because I prefer to protect my servers (by thread prevention) also PAN check traffic for inproper transmission. Do I'm wrong? Regards Slawek ... View more

Hi Try this: Deploy certificate for all users of Firefox using Microsoft's Group Policy | Forum Pomocy dla Firefoksa | Pomoc Mozilli Good luck! SLawek ... View more

>I prefer create a policy and select the user to apply a policy to every user. but only apper the authenticated user with LDAP\ I know that this is a bit strange, but please put (enter by hand) a name of local user to User field in security policy - that all. In my opinion You need 10 security policies and one GP portal. Regards SLawek ... View more

Hi That all I know, I expected answer from real configuration and community users experience. Could someone share it? With regards Slawek ... View more

Here You are http://www.startssl.com/?app=1 Please ramain that You need to "glue" Your cert with intermediate cert of StartSSL. I'm using StartSSL for years. Regards SLawek ... View more

On 5.0.9 there isn't such options so I guess that You are using 6.0.x PAN. Anyway - thank You for your help. Regards Slawek ... View more

Hi You wrote: "We made a policy change not to report on benign files" Could You share me a screenshot with such config? I can't find this option in GUI ... Regards SLawek ... View more

Hi Hulk give You document, please follow it but use public IP (not 192.168.x.x) and some kind of service like DynDNS to map dynamic IP to constant FQDN address. Hope this help SLawek ... View more

Hi Are You sure that cp-test (as a FQDN)  is a really FQDN address and resolvable by PA and Chekpoint? Try to ping that address from CLI Regards SLawek ... View more

Hi Today system logs started working.... I dont understand how - but it's started working at 1:00. ... View more

Hi Bob WHat version of PAN are You using? I'm on 5.0.9 and I observed the same behaviour. Regards Slawek ... View more