Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Get Started
- News & Events
- Collaboration
- Education Services
- Technologies
- Next-Generation Firewall
- GlobalProtect
- Threat Prevention Services
- Endpoint Protection
- SSL Decryption
- App-ID
- Content-ID
- User-ID
- 5G
- IoT Security
- Cloud Identity Engine
- Panorama
Network Security
- Prisma Access
- Prisma Cloud
- Prisma SD-WAN
- CN-Series
- VM-Series:
- Private Cloud
- OCI
- Alibaba
- AWS
- GCP
- Azure
Cloud Security
- Cortex XDR
- Cortex XSOAR
- Cortex Data Lake
- Cortex Xpanse
Security Operations
- Resources
- COVID-19 Response Center
About sconley
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- LIVEcommunity
- About sconley
08-18-2015
9Posts
1Like
1Solution
Aug 18, 2015Last Visited
User
Activity
User
Profile
Latest posts by sconley
| Subject | Views | Posted |
|---|---|---|
| 1791 | 02-21-2013 04:51 AM | |
| 782 | 11-30-2012 01:06 PM | |
| 891 | 11-30-2012 06:51 AM | |
| 914 | 09-18-2012 12:38 PM | |
| 1094 | 09-18-2012 07:14 AM |
My Liked Posts
| Subject | Likes | Posted |
|---|---|---|
| 1 Like | 08-28-2012 06:51 AM |
User Badges
Community Statistics
| Member Since | 05-31-2012 07:35 AM |
| Date Last Visited | 08-18-2015 09:07 AM |
| Posts | 9 |
| Total Likes Received | 1 |
02-21-2013
04:51 AM
Thanks everyone for the responses. We've been actively using the dynamic block list feature since the 5.0 release (I guess I forgot to update this thread). We've been working with support on 1 issue we've been seeing when using the Spamhaus list.
... View more
11-30-2012
01:06 PM
I've currently got a ticket open with our support provider to see if we can find anything.
... View more
11-30-2012
06:51 AM
We recently upgraded to 5.0 and one of the first things I wanted to try out was the dynamic block lists. I set up 4 block lists (dshield, zeus tracker, palevo tracker, spyeye tracker) and tested to make sure the URLs were accessible. I rec'd the message that they were accessible/readable, so I set them to pull data daily at 7:00am, 7:01am, 7:02am, and 7:03am. It turns out the files weren't in the correct format so we got the message that no valid IPs were found (or something like that). At 7:00:59am the firewall started to go a bit haywire. DHCP would not traverse the firewall, VPN connections kept dropping, and we kept getting logged off the firewall web interface. It turns out the config file got corrupt (apparently due to the block lists). In a rush to get the firewall back inline, we were not able to save the config file at the time to review it. What fixed it was downgrading and upgrading again. My question is - has anyone else run in to issues due to the dynamic block lists? I'm wondering if this was just a fluke thing or if there are issues with the block lists. Future plans include making sure the block lists we use are in the proper format.
... View more
- Tags:
- dynamic_block_list
Labels:
- Labels:
-
Configuration
-
Set Up
09-18-2012
12:38 PM
Looks like the issue was due to NATing. We resolved the issue and got it working correctly.
... View more
09-18-2012
07:14 AM
We ran http://test.callway.com on our network to test Cisco WebEx Telepresence and it fails due to the following: Issue Your firewall is altering SIP messages and interfering with the proper operation of WebEx Telepresence. What does this mean? Your calls may drop or not complete successfully, and you may not be able to use extended features. What can I do? Disable the SIP ALG funcationality (VoIP fixup) in your firewall settings. Click here to see how. Test details SIP invites to Test Network video call ... FAILURE SDP has been rewritten - firewall with SIP ALG in your network? Does anyone know how to resolve this?
... View more
08-29-2012
10:32 AM
If I were to enter multiple subnets (ex: 218.65.30.0/24) as entries in a Custom URL Category, will those entries been seen as the entire subnet or will they be seen as a URL ( http://218.65.30.0/24 )? I ask this because I'm looking at creating an outbound block/deny policy based off custom URL categories and I want to make sure I am actually blocking this entire subnet. I am also looking at the possibility of creating this list as a Region and then blocking that region. It seems silly to create an address object for each one and then add them all to an address group, which I know can be done automatically through scripting to save time, but I was wondering if the above scenario would do what I need. Thanks
... View more
Labels:
- Labels:
-
Configuration
-
Management
08-28-2012
06:51 AM
1 Kudo
I'd like to block a list of IP addresses based on the ZeuS IP Blocklist. What is the best/preferred method for doing this on the Palo Alto? Thanks
... View more
- Tags:
- block_list
- zeus
Labels:
- Labels:
-
Configuration
08-17-2012
08:50 AM
We deployed our PA last month, generated an SSL certificate (forward trust, forward untrust, and trusted root CA), and created SSL decryption rules. Since the creation of the rules we are getting weekly medium system alerts (8 of them) stating "reverse proxy key ['cert_name]' doesn't match certificate issued to '1.1.1.1'." There are others that have 'IOS-Self-Signed-Certificate-[phonenumber]' listed instead of '1.1.1.1'. Thoughts?
... View more
Labels:
- Labels:
-
Troubleshooting
06-20-2012
11:08 AM
Is there a way (CLI or WebUI) to export the URL Filtering objects and their details? We are looking to export the objects and their block/allow categories so we can put them in front of management.
... View more
Labels:
- Labels:
-
Configuration
-
Management
LEGAL NOTICES
Copyright 2007 - 2021 - Palo Alto Networks
