General Topics
Showing results for 
Search instead for 
Did you mean: 
General Topics

Forum Posts

Resolved! GlobalProtect, Working from Home, Prisma Access and Covid-19

To all, Just wanted to post a message about the Hot Topic right now, which is Covid-19. With all of this going around, everybody's health and safely is the utmost concern. Keeping your hands clean, washing your hands (A LOT), using hand sanitizers, a...

jdelio by Community Team Member
  • 44 replies

GlobalProtect OnDemand mode

Hello,We use PAN OS 4.1.1 and GlobalProtect 1.1.0, free version of GlobalProtect.We have configured GlobalProtect in OnDemand mode.When the GlobalProtect software starts it connects to the PA and try's to logon with the stored credentials (Username /...

Resolved! VPN Authetication with client certificate

Hi, if I configure VPN authentication with client certificate, it will be necesary to enter password?.I don't know if with client certificate you don't need user and password as I've seen in other scenarios. Reading documentation from Palo Alto seems...

ssancho by L2 Linker
  • 2 replies

Apostrophe in user name breaks query builder

Hi all,I have a username in my organisation that is domain\john.o'neill and I'm finding that when I try to do a query such as (user.src eq 'domain\john.doe') it's fine, but when I put in (user.src eq 'domain\john.o'neill'). I appreciate that this is ...

UKRB by L3 Networker
  • 1 replies

How to route internet traffic through a tunnel interface

What's the best way to route all internet traffic (except IPSec VPN tunnels) through a IPSec VPN tunnel interface?We want to have a single point where all internet traffic passes through and uses the same policies for web and applications.

helge by Not applicable
  • 5 replies

Resolved! Management CPU ends up stuck on 100% after several commits

Hi,we are on a 2050 4.1.2 and are seeing consistenly that the management CPU heads towards and gets stuck on 100% after a series of commits, re-boot is only way to fix.Is there a way to deal with this without a re-boot as this drops all sessions for ...

aardman by L1 Bithead
  • 11 replies

Microsoft flight simulator Squawkbox issue

We have a user who says once we moved to our new Palo Alto box from Cisco ASA he is having a odd issue.He claims that Squawkbox works fine as long as he is talking but if he just listens after 2 or 3 min. He looseshis audio until he speaks. To me it ...

Problem in RESTful API with predefined application

Hi,Trying to retrieve list of predfined application with RESTfull api we recieve an error (Firefox):ML Parsing Error: mismatched tag. Expected: .Location: https:///esp/restapi.esp?key=&type=config&action=get&xpath=/config/predefined/applicationLine N...

Trouble setting up Globalprotect

Hello,I'm tring for a week now to configure Global Protect. And have only been partially successful.My config is PanOS 4.1.1 and GP client 1.1.2 on PA 2050 Boxes. No GlobalProtect Licence.I encountered 2 Problems which I can't solve.1.I have configur...

PAN in Layer 2 mode and Microsoft NLB

Hi!Customer configured Palo firewall to work in Layer 2 mode to protect VLAN. In that VLAN there are two servers in MS NLB configuration. In VLAN configuration in Palo, static MAC entry is configured for virtual MAC address, but that entry isn't disp...

mkopcic by L2 Linker
  • 4 replies

PA 5050 Virtual System

I am configuring PA 5050 firewall. I have to configure Virtaul systems in this Firewall. Anyone can guide me for this configuration.

itsecll by L1 Bithead
  • 3 replies

Resolved! Local DB User Name Character Restrictions

Hi All,I noticed that when creating a Local DB User you are not allowed to use a "." (period) in the name, have have not had a chance to test this but does this extend to user name in AD or similar external databases or is this just a limitation of t...

Resolved! Cannot get OSPF to work through a tunnel interface..

Hello,I have been working on my PA-500 trying to get OSPF to work through an IPSEC site to site VPN.I cannot get OSPF to complete. Looking at the status, I see LSAs sent, but none received.I verified that the other end is configured exactly the same,...

mbehlok by L0 Member
  • 4 replies

VTC NAT problem

I'm having a problem getting a standalone VTC box working. We're replacing Cisco ASAs with PA-500s at our sites, so there are existing rules that should be working when translated to Palo Alto. I'm fairly confident I have the requirements down:tcp/17...

nwallette by Not applicable
  • 6 replies

Resolved! ignore_user_list.txt/filter groups list

Question, when we were using the User Identification Agent Version 3.1.2 we could filter out accounts by editing the “ignore_user_list.txt” in the pan agents folder (typically c:\Program Files\Palo Alto Networks\PanAgent). Now we have upgraded to the...

Resolved! View Log Size

Is there a way to determine the space size of log files? What is used and what is available? PAN OS 4.0.9

Top Solution Authors
Top Liked Authors