Authentication Profiles on Global Protect
Is it possible to have two sets of authentication profile on Global Protect ? One ste of users authenticating through AD and another set through digital certificates only .
Is it possible to have two sets of authentication profile on Global Protect ? One ste of users authenticating through AD and another set through digital certificates only .
Do I need Panorama to set up email notifications on high and critical severity threats? I know you can set up sheculed reports, but what if I just want to receive an email when a threat is blocked or detected, or what have you.
Hi everyone, I'm sorry if this has been answered elsewhere-- I'm new to this livecommunity thing so, although I tried to search for an answer before posting-- I may have missed something... I'm running PanOS 6.1.7 and I can't find anything that explains what gets logged in the 'misc' field of the threat syslogs when the subtype is 'vulnerabili...
Port 5222 traffic is being denied after the google-base update. End users using xmpp client, like trillian, are not working. Any workaround besides explicitly allowing that port? Thanks!
Since upgrading to MT 3.2.4 I have been unable to import the XML file from a SRX . Previous to this release (3.2.1), I had no issues with the same XML. However, it is not working on 3.2.4 The XML file is correct with the configuraiton tags at the start and end of with no attributes. I have created a number of projects, deleted them and res...
PA-500 Software Version 7.0.3 How do I generate meaningful user reports, or how do I better interpret the reports that are available. With a User Activity Report I get application statistics, browsing summary by category etc. But I can't say "User domain\user was on these sites between 10am and 11am when they should have being working". ...
I feel like I should already know this, but I just need a sanity check. I have a rule that allows host A to B via tcp/900. So host A starts to communicate via host B via that port. The firewall allows it and a session is created. Now, assume A and B stop talking but don't formally close the session. After the default timer, the PAN closes ...
I was curious if anybody else has seen this issue, or could perhaps try to duplicate it. I have a problem with third party VPN clients after upgrading from PanOS 6.1.6 to 7.0.3 on our PA-3020s. Specifically, the built-in IPSec VPN client on Mac OSX (10.11/el capitan) and iOS (9.1). They can connect, but a simple ping test shows packet loss n...
Hi We have a guest wifi that availave to all and sundry to be used by using their own equipment. We would like use SSL Decryption on this. The main issues is that for guest device we have no control over this to be able to install the CA cert onto it. Is there any solution to this , other than issues instruction to all users on how to inst...
Hello All, I am after some help with SSL decryption? We currently want to decrypt ALL SSL traffic. However moving forward there are 3 catorgies we wish to bypass SSL decyption for BUT only with the use of the opt-out pages not a blanket SSL catorgoy bypass. Is this possible on the Palo? We are running currently 6.1.3 but can upgrade to 7...
I have several satellites and one portal. I have a lot users connected to the satellites and portal. From a CLI console, I would like to query for GlobalProtect users from a centralized console. Right now, it is a pain because I have to open a CLI console for each satellite/portal and send a command to each device to find information on a ...
SYSTEM ALERT : high : WildFire Public Cloud channel registration received invalid cloud info" errors all of a sudden. No change on our side. varrcvr.log only reports 2015-11-24 08:25:24.386 -0500 Error: pan_fbd_fwd_report_process(pan_fbd_fwd.c:4029): pan_fbd_cloud_getreport() failed" 2015-11-24 07:33:35.334 -0500 check wildfire license: vali...
We are seeing a high number of HTTP Non RFC-Compliant Response Found Signature ID : 32880 CVE-2010-2561 All are logged from aws servers, evenly distributed across a large number of servers - 173 in one hour, each with 300-500 hits. I have packet captured the vulnerability and it is logging a seemingly innocuous XML file. I suspect this is ...
I'm trying to import my production Panorama VM configuration into my lab Panorama VM and I am getting the following message, and I'm not entirely sure what it means: upload -> config -> content Node can be at most 41943060 characters - current length after decoded 42002198upload -> config -> content is invalid Does this mean the ...
Hello All, i have problem with my GP. I configured it and for 99% users work fine. But a few has communicate "resend credential" and stuck. In log file PanGPA.log i have: (T6992) 12/01/15 11:24:08:539 Error( 129): Failed to open sub key 'Software\Palo Alto Networks\GlobalProtect\Settings\pre-vpn-connect' (T6992) 12/01/15 11:24:08:539 Error( 129...
| User | Likes Count |
|---|---|
| 4 | |
| 4 | |
| 3 | |
| 3 | |
| 2 |

