Troubleshooting ipsec tunnel setup.

I have setup ipsec between PA200 and cisco device. When trying to bring tunnel up not even able to establish phase1.

Getting following errors in logs. I have keyed in pre-shared key again on both the sides.

ikev2-nego-child-start:'IKEv2 child SA negot

Globalprotect - User-ID - missing domain prefix - group mapping not working

Hi

I have been trying to get User-id / Group mapping to work in one of our installations but without any luck

Tried both Radius and LDAP authentication.

I do see User-ID / IP mapping - but the domain prefix is missing.

"10.253.250.1 vsys1 GP sensagummi

Can i configure duplicate IP's in seperate interaces in seperate VR on a single VSYS or seperate VSY

hi,

am i a able to configure same private address on seperate sub-interfaces on 2 different VR's.

VR can be part of same VYS or seperate VSYS.

We have purchased PA-7050.

PA drops traffic apparently without NO REASON

Hi All,

I have PA 2050 with panOS version --> 7.0.9

I have two rules:

Rule 4 --> Permit for svc-casse application as (ssl, ms-updated ecc)

Rule 5 --> Cleanup for svc-casse

That's the situation check :

RULESLOG

Really really strange behavior I never seen

Info Wildefire analysis and wildefire in antivirus profile

Hai all

after the upgrade to new version of pan os(7.0.13) i found some difference in security profile. Can you help me to understand the difference between:

- Security Profile > Antivirus > wildefire action

- Security Profile > Wildefire Analysis

is A

Application Filtering and Basic Setup

Hi All,

I would like to ask the FF.

1. I want to use Application filtering but permits web browsing.

         - Enabled App filtering, Permit Web-browsing, SSL and DNS but I can't browse and launch any website. Any idea how to permit only browsing on

What's new in MineMeld 0.9.30

Release Date: 2016-12-02

How to update: Updating MineMeld

Core

- log retention is now configurable via file

- fixed a bug preventing the removal of old trace files

API

- fixed a session leak

Docker

- fixed a problem with volumes. Backup your

PA-200 fails bootup after hard power outage

I'm having multiple devices with this issue and I'm just curious if anyone else has seen it.  Basically I have a ton of PA-200's that may experience someone power them down by removing power or shutting a site power off.  When power comes back, they

Blocking attachment on on non-business Emails ( Gmail, Hotmail ,..etc)

Hello,

we need to block any attachment on on non-business Emails ( Gmail, Hotmail ,..etc) , I know that we can block some file extensions by file blocking policy but this the most specfic request to block only any attachment on emails.

is it possible

Problem after upgrade from 7.0.13 to 7.1 pa-5000

Hello all

i have a big problem with the device after upgrading from pan os 7.0.13 to 7.1. The system after reboot dosn't fully boot up.

The web gui starts but doesn't boot the ha configuration and interfaces. If i try to commit it says that it is not p