This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
For details on cookie usage on our site, read our Privacy Policy
About nbctcp
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- LIVEcommunity
- About nbctcp
05-13-2022
8Posts
0Likes
0Solutions
May 13, 2022Last Visited
User
Activity
User
Profile
Latest posts by nbctcp
| Subject | Views | Posted |
|---|---|---|
| 2932 | 02-19-2021 08:43 AM | |
| 2964 | 02-19-2021 07:41 AM | |
| 1501 | 05-18-2020 08:05 PM | |
| 2653 | 11-03-2019 06:39 PM | |
| 2758 | 10-10-2019 04:32 AM | |
| 2234 | 07-09-2019 06:20 PM | |
| 2081 | 08-11-2016 10:58 PM | |
| 2095 | 08-10-2016 06:36 PM |
Posts I Liked
| Subject | Likes | Author | Latest Post |
|---|---|---|---|
| 8 Likes | |||
| 1 Like | |||
| 2 Likes |
User Badges
Community Statistics
| Member Since | 08-10-2016 06:10 PM |
| Date Last Visited | 05-13-2022 05:05 AM |
| Posts | 8 |
02-27-2021
08:30 PM
@nbctcp For the IPSec VPN configuration about Sangfor, I find an introduction video on their official YouTube Channel. https://youtu.be/hy7UxfpzPGg Hope this one will be helpful. From my experience, most of the time, we just need to clear the set of options we gonna use(IKE setting, subnet etc.) and follow the guidance of configuration, it will do the job.
... View more
05-18-2020
08:05 PM
GOAL: 1. automatically tag ip address of websites that using self sign certificate then use that tag ip as input of Dynamic Address Group ? 1. is that possible 2. any doc that show me the steps something like this https://panos.pan.dev/docs/apis/panos_dag_qs but that link manually put ip address tq
... View more
- Tags:
- DAG
11-04-2019
01:10 AM
By definition, unless you decrypt outbound traffic, no firewall would be able to tell DNS over HTTPs traffic from the rest, especially if DoH is implemented over a large cloud infrastructure that you can't block with IP lists (think about Cloudflare and Google, which might host the service on their "base image" and mix up services at their will). I think the only currently viable solution is browser makers honoring some "kill switch" mechanism (e.g. Mozilla's canary domain: https://support.mozilla.org/en-US/kb/canary-domain-use-application-dnsnet and network administrators implementing it, where appropriate (I'm thinking about networks where you have a split-DNS situation, and external clients are pointed to a different IP than internal ones... ...lots of reasons to do this, and not all of them can be worked around). Anyway, not really a firewall problem/solution, here, unless we start fiddling with PAN's DNS proxy.
... View more
07-10-2019
01:09 PM
I agree with @BPry , use URL filtering and AD groups for this. I do it all the time.
... View more
08-12-2016
05:04 PM
The PA has to be license and activated as the overall box. Then under the URL filtering if you have never used or licensed that feature you can activate a 30 day demo. You need to have the base activation done and the period still active. If you have already used and expired a URL license then no more demo is available. If no activate of the device has happened at all or the initial period has expired, then there are no demo options.
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
05-13-2022
05:05 AM
|
LEGAL NOTICES
Copyright 2007 - 2023 - Palo Alto Networks