General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question. Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

JayGolf_0-1691518400714.jpeg
JayGolf by Community Team Member
  • 2894 Views
  • 2 replies
  • 14 Likes

GP VPN client vs native OS VPN client

I am trying to decide whether to put global protect clients on all the users or just use the native VPN client included in the OS. Is there an advantage to using the GP client over a native client

jdprovine by L4 Transporter
  • 6512 Views
  • 8 replies
  • 0 Likes

Web Page Elements are not displayed correctly

Hello Everyone,

I have a weird behavior on our multi-vsys firewall.

Some web pages (I will attach a screenshot) are not displayed correctly/completely. We have our pair of A/P 5050 configured with 3 vsys.

1st - is internet facing and I have SSL VPN conf

...

Resolved! Agentless UserID no longer maps users

Hello all,

I've had Agentless UserID working fine for over a year now.  Last week our PA-3020 running 6.0.3 stopped being able to identify users which it then started blocking all Internet browsing because it thought everyone was unauthenticated.  Not

...

ClintL by L2 Linker
  • 3185 Views
  • 3 replies
  • 0 Likes

PA-2000/4000 trade-in

Did anyone do a trade-in for their PA-2000/4000 series device (under the so called Customer Care Upgrade Program) ?

What about current subscriptions ? Is the remaining value completely reimbursed ?

As in 1 year of the 3 year contract to go, so 1/3rd of

...

dieter_b by L4 Transporter
  • 5914 Views
  • 9 replies
  • 0 Likes

Resolved! Remove syslog server profile via CLI

Hi all,

I have a simple question and it is as follows:

How do I remove a syslog server profile using the CLI?

I would have thought it would be something like

> delete shared server-profile 'syslog (server profile name)'

but all I get in that command is th

...

bmorris1 by L4 Transporter
  • 3500 Views
  • 1 replies
  • 0 Likes

7.0 deployed on two fw's so far and all is well

In the event anyone is curious- I've upgraded two PA-200's from 6.0.3 up to 7.0 (in a remote site and my science project at home). I am leaving the larger production FW's out of the mix for now until a couple of minor updates come along just to make

...

eDub by L1 Bithead
  • 4193 Views
  • 6 replies
  • 2 Likes

finite state machine diagram for HA

Can anyone point to a diagram of a Finite State Machine for HA failover scenarios?  It would be good to have for consultation and understanding of the different behaviors.

derasa by L0 Member
  • 1556 Views
  • 0 replies
  • 0 Likes

MS Azure mass changes

Every week we get a huge list of new IP addresses and subnets for the MS Azure product to be allowed through our firewalls. The file that contains the new updates is an XML file. I have a couple questions that I hope to get help with.

1. Surely we ca

...

wessepj by Not applicable
  • 1537 Views
  • 1 replies
  • 0 Likes

Global Protect pre-logon and SSO

Help me understand this better, on the global protect portal for the server cert i need a public cert from a place like godaddy?  For the client cert I can use a cert that issued from our internal cert authority which has a cert on all the domain wor

...

markk96 by L3 Networker
  • 1744 Views
  • 1 replies
  • 0 Likes

Agentless UserID in a MultiDomain Environment

My first question would be is it possible to configure a firewall with no vsys license to query more than one domain without deploying the UserID windows agent?

My second question would be if yes then how given that there is only 1 WMI authentication

...

CHammock by L2 Linker
  • 2233 Views
  • 2 replies
  • 0 Likes

Thoughts on a set of application rules?

I was messing around in the interface today and had a thought as for rules and am curious what other might think.

I created a group of rules for a particular zone/AD User group.  Something like this

Allow but do not log (DNS for example)

Allow these app

...

BobW by L4 Transporter
  • 2936 Views
  • 2 replies
  • 0 Likes

PA-VM on ESXi - L2 Topology Design Questions

I'm looking to deploy a pair of PA-VM 200s running 7.x on a vSphere 5.5 cluster and would like a sanity check on the design.

My client's network currently has one large VLAN that houses most of their servers.  For the sake of this example, we'll say i

...

bkeifer by L1 Bithead
  • 2186 Views
  • 1 replies
  • 0 Likes
  • 24016 Posts
  • 99 Subscriptions
Top Solution Authors