General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Static IP's for VPN Users?

I have a customer that is asking if its possible to assign static addresses to VPN users. This is required because of existing upstream firewalls that have ACLs tied to source IP addresses. This is done so that users can VPN into the network and then gain access to specific resources that are managed by a different group. I was wondering if anyo...

Set user ID issue

Hi..All I have a problem with the user ID.A year ago, I have configured the MS Active Directory and user ID.Today I found that the user ID does not work properly.I was just checking the problem IP- user-mapping count is zero,but the number of IP- user-mapping-MP is normal.Is it for some reason the other information? And why is that management pl...

wooki by L1 Bithead
  • 2576 Views
  • 1 replies
  • 0 Likes

Resolved! Slowness with http file transfer after placing PA in-line

We recently place firewall in-lline and now when needing to use http file transfer it takes over 5 min. Before PA's in transparent mode it was a 20sec process. Is there any thing I can check to see why this is now happening? Or something I need to modify? Over scp works fine but we are not looking to use SCP as primary file transfer method.

Configuring GlobalProtect with Wildcard Certificate

Hi All, I'm configuring GlobalProtect for the first time and would like to ask a few questions about using a Wildcard certificate to set this up. After going through the below document, I have some questions: https://live.paloaltonetworks.com/t5/Management-Articles/How-to-Use-a-Wildcard-SSL-Certificate-with-Subject-Alternative/ta-p/52849 1. Th...

gp1.png
Bocsa by L3 Networker
  • 14332 Views
  • 2 replies
  • 0 Likes

Allowing Lync: enabling SSL decryption blocks it

Hi, In a test setup I'm trying to allow MS-Lync while SSL decryption is enabled. I've got a general rule to enable SSL Decryption with the proper certificate installed on the clients end. In my security policies I've got a rule to allow Lync based on App-ID. Lync however refuses to even sign in. The only thing I have noticed that DNS reques...

Allow-Lync.PNG
age out.PNG
Arne-VDH by L3 Networker
  • 3906 Views
  • 3 replies
  • 0 Likes

Resolved! Restart GUi

Have an issues to where no matter what browser I use GUI will never load. Is there a service I can restart via GUI to restart

Resolved! Convert Template to Template Stack

We use Panorama to manage our firewalls and have a template configured with settings for all of our devices. I would like to split the devices by region for administrative access and would like to retain the current settings in the template. I can create a new stack, but would lose the settings in the current template so wondered if it's possibl...

Ash2k by L2 Linker
  • 7339 Views
  • 3 replies
  • 0 Likes

Resolved! XML API commit-all not working

Hi all, Does anybody have an idea why the following happens, and what the solution might be? I'm trying to perform a commit-all via the REST API using the the following URL:https://panorama.domain/api/?REST_API_TOKEN=hash&type=commit&action=all&cmd=<commit-all><shared-policy><device-group>"Group-Name"</device-gro...

new sessions and max sessions

Hi, What are the differnces between the metric new sessions and max sessions . I can see sessions per sessions from cli .How can i see new sessions count Thank you

sib2017 by L4 Transporter
  • 4596 Views
  • 1 replies
  • 0 Likes

Panorama: dynamic updates to clients

Hi, I've added two VM-100's to Panorama and placed them into a device group. Connectivity is okay, deploying templates goes fine, but for some reason when I try to configure Panorama to shedule dynamic updates to the VM's, they don't show up in the list of devices to push it to, see: http://imgur.com/a/7hEbi Which probably easy/silly step did ...

Arne-VDH by L3 Networker
  • 5976 Views
  • 5 replies
  • 0 Likes

Customizing report column width

Hello friends is it possible to customize report column width in such a way that, for example, name of my firewall (which is added to report by choosing firewall SN field) will not get cut off, like in my attached report example? Thanks for feedback..

Report.JPG

7.0.4 upgrade

Just wondering if people have finally bit the bullet and updated to 7.0.4. I'm still on 6 at the moment just waiting for the right version with minimum bugs that people are willing to use. I'm not using Panorama or SSL decryption so I'm getting tempted. Not sure if I should wait until 7.0.5 though.

pmc by L2 Linker
  • 4157 Views
  • 2 replies
  • 0 Likes

Resolved! applications for Windows domain

We are preparing to put a client PC who is part of our domain in another subnet, behind PA firewall. Can you help me complete a list of applications needed for normal Windows domain functionality ? The usual would be: dns ms-netlogon active-directory (includes ms-ds-smb for access to file shares printing (hp-jetdirect and the like) What ab...

dieter_b by L4 Transporter
  • 15381 Views
  • 5 replies
  • 0 Likes

Do you guys happen to know why receving logs is stacked only 1 Disk?

Hello The OS Panorama(M-100) Version is 6.0.9 and There are inserted Disk 4paris(4TB). The panorama is being connected to just 1 FW I am not sure Later 5.0.x can be stacked id1, id2, id3, id4 to even out to equal disk size before version, when ID1 is full and then receving logs deliver next Disk but even though the device os version is 6.0...

John_Lee by L2 Linker
  • 2734 Views
  • 2 replies
  • 0 Likes
  • 24401 Posts
  • 123 Subscriptions
Top Solution Authors
Labels