Did you know that you can help your fellow community members by accepting solutions when a reply answers your question Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature
...
Hello,
So, we currently authenticate administrators to our PA's via Radius (TACACS). Is there a way to configure the PA's that it will only use the local DB / Administrators if Radius isn't available?
Thanks!
Hi,
I keep getting this error when trying to connect with global protect, this pc is on the internal network. I should get the massage 'Connected Internal'...any ideas. I have included the log below and highlighted the line.
(T3776) 04/24/13 09:46:14:8
...
We are trying to produce a report which summarizes the URLs visited by a specific user along with the total bytes downloaded from each URL.
It seems that the bytes are available in the Traffic log, but not the URLs; conversely, the URLs are in the URL
...
Hello everyone.
Global Protect message is "The certificate CN name mismatch, The certificate is not issued to x.x.x.x" when I connect GP.
I configure to import certificate that issurer is Go Daddy Secure CA.
Why does CN name mismatch???
I am very new to the PANOS world so I will apologize in advance if this is obvious, however my search of documentation and knowledebase did not yield anything. I have been looking for a way to administratively shut down sub interfaces. Is this possib
...
What does it mean and how to solve it?
Regards Robert
If I have a FQDN "abc.com" that have two DNS records 10.0.0.1 and 10.0.0.2.
Then I create a address object with FQDN type, and the value is "abc.com"
When I use this object into security policy, how does it working? Does it become 10.0.0.1 or 10.0.0.2
...
I want to be able to use a set of countries for some specific rules. Is there any way to create a group with countries?
Is there a way to add more than one DNS suffix to DHCP?
I know in Mac OS X I can add multiple search domains, but I don't want each user to have to do this, nor type in our long domain names each time either.
Thanks!
Has anyone had success connecting Avaya IP phones via VPN to PA devices? I am able to complete IKE Phase 1 authentication, but fail Phase 2 due to local/remote proxy IDs not found:
'IKE phase-2 negotiation failed when processing proxy ID. cannot fin
...
I am attempting to setup an IPSec VPN tunnel to connect to remote Avaya phones. I am not sure if I am doing it correctly. I've set up a new IPSec tunnel and configured it to use dynamic IP for remote peers. I am not sure if this is correct or not. It
...
Hello,
I have issue about Global Protect.
So I want to downgrade Global Protect Agent.
Does Global Protect Agent downgrade automatically on transparent mode?
I have tested result for one PC what doesn't downgrade automatically, right?
Thanks
We have a setup for up to 2.000 employees. Every employee has the GlobalProtect installed, but we are not using any User ID agent.
We have only one portal configured, for both internal and external (vpn) connections.
We have a need to create password hashes offline, is there a tool or script available to take a cleartext password and generate a phash?
For example, the audit team wants to be able to select a password and generate the hash, so we can later paste int
...
Hi,
Do we have any limit on the number of applications that can be added to an application group?
If yes, is this limit PA-FW model specific?
Regards,
Charanjeet
