General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Discussions

Authentication Fallback

Hello,

So, we currently authenticate administrators to our PA's via Radius (TACACS).  Is there a way to configure the PA's that it will only use the local DB / Administrators if Radius isn't available? 

Thanks!

mrsold by Not applicable
  • 8876 Views
  • 10 replies
  • 0 Likes

Reporting URLs and Bytes together?

We are trying to produce a report which summarizes the URLs visited by a specific user along with the total bytes downloaded from each URL.

It seems that the bytes are available in the Traffic log, but not the URLs; conversely, the URLs are in the URL

...

KGC by L3 Networker
  • 3812 Views
  • 5 replies
  • 0 Likes

Resolved! Global Protect message is CN name mismatch.

Hello everyone.

Global Protect message is "The certificate CN name mismatch, The certificate is not issued to x.x.x.x" when I connect GP.

I configure to import certificate that issurer is Go Daddy Secure CA.

Why does CN name mismatch???

Shutting down/disabling subinterfaces

I am very new to the PANOS world so I will apologize in advance if this is obvious, however my search of documentation and knowledebase did not yield anything. I have been looking for a way to administratively shut down sub interfaces. Is this possib

...

scourge by Not applicable
  • 16147 Views
  • 11 replies
  • 0 Likes

Add Multiple DNS Suffixes

Is there a way to add more than one DNS suffix to DHCP?

I know in Mac OS X I can add multiple search domains, but I don't want each user to have to do this, nor type in our long domain names each time either.

Thanks!

Avaya 9611G/4610SW VPN to PA-500

Has anyone had success connecting Avaya IP phones via VPN to PA devices?  I am able to complete IKE Phase 1 authentication, but fail Phase 2 due to local/remote proxy IDs not found:

'IKE phase-2 negotiation failed when processing proxy ID. cannot fin

...

itmanager by L1 Bithead
  • 21186 Views
  • 22 replies
  • 0 Likes

Resolved! IPSec VPN Setup for Avaya Phone

I am attempting to setup an IPSec VPN tunnel to connect to remote Avaya phones. I am not sure if I am doing it correctly. I've set up a new IPSec tunnel and configured it to use dynamic IP for remote peers. I am not sure if this is correct or not. It

...

mario11584 by L4 Transporter
  • 21014 Views
  • 16 replies
  • 0 Likes

Tool to generate 'phash' style hashed passwords?

We have a need to create password hashes offline, is there a tool or script available to take a cleartext password and generate a phash?

For example, the audit team wants to be able to select a password and generate the hash, so we can later paste int

...

snocc by L0 Member
  • 13082 Views
  • 6 replies
  • 0 Likes
Labels