General Topics
cancel
Showing results for 
Search instead for 
Did you mean: 

Discussions

Join Us for a Tech Deep Dive Miniseries!

 

Stop Zero-Day Threats in Zero Time with Nebula PAN-OS 10.2.

 

Join us live for an in-depth look at the latest advancements in cybersecurity, best practices, tips and tricks, demos and
more to protect your business and defend against threats in real

...

nebula-on-demand-tech-deep-dive-miniseries-live-community-banner-2600x600.jpg
jforsythe by Community Team Member
  • 488 Views
  • 3 replies
  • 1 Likes

Resolved! Aggregate Ethernet Interface with Subinterfaces

Hi there,

I'd like to set up a PA-5060 with an aggregate Layer 3 ethernet interface with no address:

Aggregate Interface

Name: ae1

Type: Layer 3

Address: (none)

Virtual Router: (none)

Tag: (none)

Security Zone: (none)

and then add subinterfaces to it, each of

...

Howto delete sub-interace from cli

Hi,

I`m trying to delete a sub-interface from CLI but cant seem to find the correct command, i managed to remove the IP address and tag but not the entire sub-interface.

admin@PA-200# delete network interface ethernet ethernet1/4 layer3 units ethernet1

...

u18830 by Not applicable
  • 7057 Views
  • 13 replies
  • 0 Likes

Secondary IP and DHCP

Greetings,

Say we have an interface that is configred the following way:

e1/2.240

Tag: 240

IPv4 Address (two addresses on the interface):

-10.10.100.1/24

-192.168.100.1/24

Now, if that interface is configured as a DHCP relay, which network is it going to se

...

mrsold by Not applicable
  • 4508 Views
  • 8 replies
  • 0 Likes

Resolved! about session offload

Hello

the purpose is to minimze the cpu consomption but in wich way ?

how the offload work exactly?

thank's

Gregoux by L4 Transporter
  • 8471 Views
  • 7 replies
  • 0 Likes

Resolved! How can I filter disabled rules in the 'policies'-tab

Hi,

I am quite new with Palo Alto and I try to filter disabled rules, so that I only see the enabled rules. I know that a lot of syntax can be found in the monitoring tab, but since enabled/disabled rules are not in it, I cannot find. It is on the Pal

...

Shutting down/disabling subinterfaces

I am very new to the PANOS world so I will apologize in advance if this is obvious, however my search of documentation and knowledebase did not yield anything. I have been looking for a way to administratively shut down sub interfaces. Is this possib

...

scourge by Not applicable
  • 4453 Views
  • 9 replies
  • 0 Likes

How to shun/block an IP address for a period of time

I've worked with several traditional IPS in the past and there is always a way to create rules that shun or block a source IP address for some period before automatically resetting.  It is especially useful for stopping automated bots that are just p

...

njoyzrd by L1 Bithead
  • 2824 Views
  • 4 replies
  • 1 Likes

GlobalProtect and "client sleep mode"

Hello,

as described in the "GlobalProtect 1.1.6: Addressed Issues" (issue point 35361) the unnecessarily reconnection after sleep/hibernate mode should be fixed.

We are using the GlobalProtect Version 1.1.7 . The portal configuration are:"On demand" mo

...

Hithead by L4 Transporter
  • 5121 Views
  • 7 replies
  • 0 Likes

Resolved! Globalprotect Portal same IP w/ management interface

Hello,

Before setting up globalprotect portal, I could access the management interface using the public IP externally. Once I configured globalprotect portal for VPN, the IP now directs you to globalprotect welcome login page. Which is normal, cause I

...

icap by Not applicable
  • 3077 Views
  • 5 replies
  • 0 Likes

Resolved! USER ID MAX USERS IN A GROUP???

Hello,

I've configured on PA5060 an Idenfication with AD:

PA5060: 4.1.6    USER ID AGENT : 4.1.4-3

LDAP SERVER 389

I do a group mapping  by group but this group have more than 16000 users.

when I do a show user usersIDS , I can't see all my users. I know

...

alle by L3 Networker
  • 8204 Views
  • 8 replies
  • 0 Likes

GlobalProtect - how to edit the download page

Is it possible to edit the GlobalProtect download page?

On the page where users are prompted to download the 32bit, 64bit, or Mac version version of GP, I would like to add some instructions for the not so savvy user on which version to select and how

...

etnerual by L1 Bithead
  • 5048 Views
  • 14 replies
  • 1 Likes

Resolved! User authentication - Global Protect

HI.

I'm pre-staging a couple of PA2020's (active/passive), and am having an issue with getting authentication via AD working for Global Protect through Active Directory.

As far as I can tell, the LDAP configuration is correct - the firewall connects to

...

darren.g by L4 Transporter
  • 12887 Views
  • 12 replies
  • 0 Likes

Authentication Fallback

Hello,

So, we currently authenticate administrators to our PA's via Radius (TACACS).  Is there a way to configure the PA's that it will only use the local DB / Administrators if Radius isn't available? 

Thanks!

mrsold by Not applicable
  • 4808 Views
  • 6 replies
  • 0 Likes