About Rameshwar

Hi Team    as per the requirement youtube needs to be blocked ,  we have blocked youtube with applcation , url category and it is blocked on browser.  but when customer accessing the youtube application it is not getting block even though it is hitting the deny policy . we have tried decrytion as well but no luck .  Any suggestions ? ... View more

Hi Team    please advise if DLP , ICAP is supported with PA . There is no document found as such , but i have found few fourms which says it is not supported but wanted to check as a confirmation.  ... View more

Hi All   we are using 3rd party singed certificate for inbound SSL inspection , once we imported the certificate it is not showing any error and commit is working fine . once we add the certificate to decryption policy it is showing error as bad certificate and commit is failing . The certificate is 3rd part signed CA and its not the CA or subordinate CA this is normal server certificate and the key option after import is showing green check mark that means it has the key and also the certificate is valid . please advise what could be the issue for this bad certificate error ... ... View more

we have valid license of GP gateway but Global protect data file not downloading_not showing anything in Dynamic updates. when clicking on check now nothing shows up , tried configuring it as automatic download and install but no luck .    https://live.paloaltonetworks.com/t5/General-Topics/Not-showing-dynamic-updates-for-global-protect-data-file-even-we/m-p/48744#M35897   found the above discussion and it is mentioning that management interface should be able to initiate the connection on port 80 to some fqdn ...will this resolve the issue ? please advise. ... View more

Hi Team    we are facing packet drop issue on ipsec traffic once the ecmp is enabled .  we have two ISP and wish to balance the traffic and using balanced round robbin for the same , once this is enabled ipsec packet drop occurs and if we disable ecmp everything is fine .  The first internet line is lease line on which the ipsec is terminated and the other line is ADSL i.e. dynamic IP .  i am suspecting , since the ecmp is enabled the traffic is going from adsl line and the return traffic is coming on lease line and getting dropped by FW .  please advise if there is any solution for this senario... if i ebale IP modulo or IP hash for ECMP will this resolve the issue or PBF for symetric return ?? ... View more

Hi    one of our customer is facing an issue with Dynamic updates of WF . once the WF updates downloads automatically and starts the installation it get stuck at 0% and due to this commit job goes in queue. i have tried clearing the job manually but doesnt work and after rebooting the management plane the jobs get clear and commit is working . But when i try to download and install the WF update again it is getting stuck at 0% and again i have to reboot the management plane .Once i download the WF updates it shows that the download is successful and show the install option , but when i again click on check now the downloaded WF updates again shows download option even though it was already downloaded .  The FW PA 500 , version is 7.1.2 and i suspect this is the BUG ID related but not sure - PAN-62797  , please advise if this is the issue which we are facing so i can advise the customer to upgrade the fw . ... View more

Hi Team    please advise if there is any link to refer for IOD for PA 850 , the below link shows information for OID of all the models but not for PA 850    https://live.paloaltonetworks.com/t5/Management-Articles/SNMP-for-Monitoring-Palo-Alto-Networks-Devices/ta-p/61052 ... View more