This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

About gafrol

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
gafrol
‎10-23-2018
since ‎08-16-2010
L4 Transporter
User Activity
User Profile
Latest posts by gafrol
View All
My Liked Posts
View All
User Badges
Community Statistics
Member Since ‎08-16-2010 02:35 AM
Date Last Visited ‎10-23-2018 05:28 AM
Posts 324
Total Likes Received 64

Re: Global Protect portal authentication with LDAP fails

by in General Topics
‎02-19-2013 05:21 AM
‎02-19-2013 05:21 AM
Which PANOS is running on your box ? ... View more

Re: Global Protect portal authentication with LDAP fails

by in General Topics
‎02-19-2013 04:32 AM
‎02-19-2013 04:32 AM
Take small steps. Does localdb authentication work again ? ... View more

Re: Global Protect portal authentication with LDAP fails

by in General Topics
‎02-19-2013 03:07 AM
‎02-19-2013 03:07 AM
Hi, I don't know what the problem with LDAP against AD could be in your case, but for the same purpose I am using a Kerberos Server Profile and a Kerberos Authentiction Profile in order to authenticate GP users against our MS AD. It looks like this Maybe you can give it a try ? Roland ... View more

Re: Skype IM Problem

by in General Topics
‎02-14-2013 01:13 AM
‎02-14-2013 01:13 AM
Up to you... ... View more

Re: Skype IM Problem

by in General Topics
‎02-14-2013 01:05 AM
‎02-14-2013 01:05 AM
ksuuk schrieb: Hmm, about Your rules, why are You: a) first deny unknow-udp and unknow-tcp for any? Because I followed your rule to not allow any unknown apps in the first place. b) allow skype-probe for any? In order to control skype you have to allow skype-probe and then deny skype. ... View more

Re: VPN Two-Factor Authentication integration into PAN ?

by in General Topics
‎02-13-2013 11:16 PM
‎02-13-2013 11:16 PM
Same is true for the Duo Security Solution, don't get confused by product names. ... View more

Re: VPN Two-Factor Authentication integration into PAN ?

by in General Topics
‎02-12-2013 11:15 PM
‎02-12-2013 11:15 PM
Well actually that was not my point, but even with NordicEdge (now McAfee) you need a local installation of a piece of software, they call it OTPServer same thing. ... View more

Re: Skype IM Problem

by in General Topics
‎02-12-2013 08:02 AM
‎02-12-2013 08:02 AM
Skype 6.1.0.129, default. messaging and voice is working (of course only for user A). I cannot test video no webcam avail. Tested with external contact. PAN OS 5.0.2 latest updates as mentioned above. ... View more

Re: Skype IM Problem

by in General Topics
‎02-12-2013 07:44 AM
‎02-12-2013 07:44 AM
Again I tested this scenario in my LAB. I allow skype for one particular AD user and block it for the rest Only user A can connect ... View more

Re: Skype IM Problem

by in General Topics
‎02-12-2013 07:14 AM
‎02-12-2013 07:14 AM
Unfortunately you cannot block/allow skype for part of the users in the same network due to the nature of skype.... catchword Supernode. But there are some restrictions to Supernode , safest way is to disable the function through registry setting. https://cs.uwaterloo.ca/twiki/view/CF/SkypeConfiguration ... View more

Re: Skype IM Problem

by in General Topics
‎02-12-2013 06:55 AM
‎02-12-2013 06:55 AM
If you look at the screenshot of the traffic monitor you see that skype is blocked. Actually after a couple of minutes skype times out ... View more

Re: Skype IM Problem

by in General Topics
‎02-12-2013 06:40 AM
‎02-12-2013 06:40 AM
Hi , I tried to reproduce the problem in our LAB with PA-2020 on 5.0.2 and latest updates, no ssl decryption policy, Windows 8 client and Windows XP client. It is working like a charm. This is how the security policy looks like and this is the traffic log ... View more

Re: Skype IM Problem

by in General Topics
‎02-12-2013 05:08 AM
‎02-12-2013 05:08 AM
and at the same time allowing skype with proprietary encryption ...? Does not make sense to me . ... View more

VPN Two-Factor Authentication integration into PAN ?

by in General Topics
‎02-12-2013 03:20 AM
‎02-12-2013 03:20 AM
Hello all, recently I learned the Two-Factor Authentication solution from DUO Security. Basically it requires a PAN FW, an AD/Radius Proxy software provided by DUO Security and an Account/API Key. The Proxy software is the interface between AD/Radius and DUO Servers. Since PAN already connects to an existing AD/Radius I am asking myself whether it would make sense to integrate the "proxy software" into PAN ? This would just require to enter the API Key in order to communicate with the DUO Servers on 443 and the extra proxy software is not required anymore. This is valid for other Cloud OTP vendors as well, same technology. I remember that a competitor in the firewall market did have or still has such a feature built in. What do you think ? Is this worth a feature request ? rgds Roland ... View more

Re: top bandwidth usage

by in General Topics
‎10-22-2012 05:09 AM
1 Kudo
‎10-22-2012 05:09 AM
1 Kudo
You could setup QoS profile. This will show the apps/users consuming your bandwidth. Or you could configure Netflow to graph it using PRTG or some other network tool. NetFlow ... View more
Register or Sign-in
Contact Me
Online Status
Offline
Date Last Visited
‎10-23-2018 05:28 AM
Latest Tags
No tags yet
Likes Given To
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks