I am planning on upgrading the PA 5050 os from 6.1.7 to 7.0.3. I have been reading over the changes and I think it would be beneficial to see examples instead of description of what changes are , anyone have any recommendations
We have implimented Global Protect with radius authentication, username/password and a second prompt for OTP, this works great most of the time.
We have noticed that when our users connect from poor WiFi, or internet connections, there are times wh
...
Hi,
How to block ssl vpn and ipsec vpn going from trust to untrust .
I suspect few users are using like free vpn services like tunnel beer and hola vpn .
How can i search those users from palo alto log.
Some users are connected from inside
...
Hi,
I'm searching for the list of supported algorithms for SSH Decryption.
I know it's only for SSHv2.
rg
S
A customer has been warned about DROWN attack (https://drownattack.com/) on one of its servers. As a server is behind PA I thought there was no risk. But searching through signature database I didn't find anything about DROWN attack. I've also checke
...
We would like to configure PBF to failover when several conditions are met. For instance, if we can't ping our next hop AND we can't ping some public server(s). The idea being, while our next hop might be pingable, there may be a routing issue in the
...
I would like to know if we can use the same UserID agent software for 2 domains in different windows machines. If we cant do it, we need to know if we can run 2 diferent instances of UserId agent in the same windows machine pointing to 2 different do
...
Hi,
Users are often getting the message from google and they are forced to enter captcha "Unusual traffic from your computer network",when i check palo alto it seems very normal .
Is there a way to classify or monitor the users who really sending
...
I'm looking to tweak the "40015 SSH User Authentication Brute-force Attempt" which currently fires at 20 ssh attempts within 60 seconds - I'm looking to increase that 20 number. For some reason I can't think of how to easily tweak it right now... may
...
Has anyone been able to successfully get subsecond failovers to work with active/passive firewalls running dynamic routing protocols such as BGP or OSPF? In our lab testing, it appears we can get the firewall to failover instantly, but then it takes
...
We're currently observing something quite interesting:
On our highly oversized PA-5050 firewall, software packet buffer 0 is, for several hours a day exhausted.
This is the platform (pair that runs in High Avalailability A/P):
family: 5000
model: PA-5
Hello.
Currently we use OSPF as our routing protocol between five locations over a layer two IP Ethernet network provided by telco A. In order to get carrier diverse routes and add redundancy we are adding a second similar network provided by Telco B
...
This morning our PAs began blocking internal Sharepoint document access with App-ID 36995. The traffic that is blocked is coming from IE11 + Windows 7 clients.
I'm not sure why this bash vulnerability is being flagged as affecting Windows servers +
...
Hello everyone.
I need to publish 2 webservers (192.168.23.10 and 192.168.23.11), both located inside my LAN (trusted zone) through 2 different public IP addresses (200.111.111.114 and 200.111.111.115). This is the configuration:
admin@PA-500# sh...
Hi,
can You help with following question?: In my policies i want allow google base searching, but do not allow google accounts,or google apps.
BPry
on:
Explicit proxy chaining
Raido_Rattameis
reaper
on:
Global Protect Portal/Gateway infrastructure
BPry
on:
GlobalProtect and other VPNs
BPry
on:
Action=Allow while NATDestinationIP=0.0.0.0
| Subject | Likes |
|---|---|
| 4 Likes | |
| 3 Likes | |
| 3 Likes | |
| 3 Likes | |
| 2 Likes |
| User | Likes Count |
|---|---|
| 14 | |
| 10 | |
| 7 | |
| 6 | |
| 6 |
