This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
For details on cookie usage on our site, read our Privacy Policy
About gsvarney
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- LIVEcommunity
- About gsvarney
11-21-2022
5Posts
0Likes
0Solutions
Nov 21, 2022Last Visited
User
Activity
User
Profile
Latest posts by gsvarney
| Subject | Views | Posted |
|---|---|---|
| 1302 | 07-18-2012 12:22 PM | |
| 3288 | 12-16-2011 10:05 AM | |
| 3484 | 12-13-2011 11:35 AM | |
| 5260 | 12-13-2011 11:23 AM | |
| 5383 | 11-16-2011 08:16 AM |
User Badges
Community Statistics
| Member Since | 04-07-2011 08:54 AM |
| Date Last Visited | 11-21-2022 12:11 PM |
| Posts | 5 |
07-18-2012
12:22 PM
Hello, I have a PA-500 deployed in a K12 school district. Our Educational Service District (ESD) uses Intermapper to keep track of outages and issues for districts in the area. Since I have moved to the PA they have not been able to get results from our firewall. I have set up policies and other switches do report back to polling. However, the external interface doesn't. I have looked at the Management Interface Settings as that is where polling is allowed. However, the IP in there is the local IP we use for management. If I set this IP to the external address, then I'll no longer be able to access the device to manage it, correct? The ESD is able to poll the inside interface (a different IP than the Management Interface). How can I set this up so that the EXTERNAL interface will respond to polling? Thanks.
... View more
12-16-2011
10:05 AM
Thanks for the info. Actually, when I create a policy to allow the application symantec-av-updates and commit, the commit window tells me at the end that my policy depends on ftp and web. I'll look into the suggestion for creating a custom app for file types. Maybe I'll need to do something similar to look for a specific string in the URI for SAV updates also? I had hoped that the application symantec-av-updates would handle the entire update requirement instead of having to add additional apps or services which makes it all the more difficult.
... View more
12-13-2011
11:35 AM
Hello, I have had a few instances where I've needed to allow certain files types through the data filter. One annoying case was native Office 2007/2010 documents that end in x. What I did was add it to my file blocking profile with the action of ALERT. This is now letting them in. Sometimes I actually have a FQDN or IPs that I can use to allow EVERYTHING in from certain sites, but sometimes that doesn't work. I have 2 examples where I am having issues with this. First, Symantec AV updates. We have contracted employees working in my school district who have their employer-provided computers. As we don't manage them, their Symantec AV updates over the Web. However, these are ZIPs and are blocked. I tried allowing Symantec-AV-update, but that also depends on HTTP and FTP. I couldn't find a good way to use a policy to allow that. Especially as I don't have a FQDN or IP to allow stuff in explicitly. The servers I see getting blocked resolve to something like axx-xx-xx-xx.deploy.akamaitechnologies.com. I've seen other stuff using these exact same servers, so how do I deal with that? I don't know how many of these servers might be accessed by SAV, either. Anyone else dealt with this? Finally, my latest is an uknown file type, used for educational software. Some of the blocks (ZIP, of course) show Akamai servers, but there are others also. This file type is as3a. As PA doesn't list that one, can't use my other file blocking technique to just allow all .as3a files either. Thanks for any help you may have. Geoff
... View more
12-13-2011
11:23 AM
Thanks for the suggestion. I just exported the running config and I believe I see the stuff in there. I may clean that up later. However, to get around this I had opened the 8 non-importing XML appid files and slightly changed the name near the top of the file. I was then able to import them and commit successfully. Geoff
... View more
11-16-2011
08:16 AM
Hello, I am trying to import a few custom applications via XML files I downloaded from my PaloAlto vendor. I did try this before with some that I found here in this forum when running PAN 3.1. I am now on PAN 4.1 (though I may have seen this problem before I updated). Now when I import the XML most of them say they failed to insert, but when I have finished with all of them they all appear in the custom apps filter. However, when I commit it fails with "application <name of app> <name of app> is already in use". I delete the one and it continues to fail until I've deleted them all, except one, which works. The one that works is google-safe-default. I have attached the 5 of the XML files I'm using, including the one that works.. Is this failing because something is stuck (invisibly) in the system so I can't add these new signatures successfully? I don't know how to search via command line to see if there is anything already there. Also, are these compatible with 4.1 anyway? Thanks for any suggestions you may have. Geoff
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
11-21-2022
12:11 PM
|
Latest Tags
No tags yet
LEGAL NOTICES
Copyright 2007 - 2023 - Palo Alto Networks