Did you know that you can help your fellow community members by accepting solutions when a reply answers your question Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature
...
Hi all
In user activity report there Browsing Summary by Website and i need to use it in custom report instead of Full URL description as the report
Regards
Hello,
to get some information of a user-group i use the command: show user group name "abc" and i got all members of the group
and then : debug user-id refresh group-mapping group-mapping-name "abc" and i got "server-error abc is invalid group-mappi
...
After upgrade ssh server to OpenSSH_6.4p1-hpn14v2, OpenSSL 1.0.0j 10 May 2012 I can't connect to this server when using ssh decryption on Palo Alto.
Before ssh server upgrade, decryption was working correctly and I could connect and decrypt ssh traffi
...
Hi,
I'm trying to create a custom APP-ID for nearmaps.com. However, cannot get the monitoring to identify the traffic. Following is how I created the APP-ID,
captured the header information from HTTPFox on Firefox. Refer attached screenshot
Im not sure
...
If the Virtual Panorama goes down for a several hours for maintenance and then comes back online will the Panorama reliably request and receive the updates from the individual firewalls logs for the time it was down so that the logs will be complete?
...
Hello,
How to check what was the reason behind session end? I mean it could be RST, FIN or timeout from firewall.
Regards,
ifpilm
Operation CommitResult Failed
DetailsIPSec tunnel #NAME enabled tunnel monitoring while binding to tunnel interface tunnel which has no IP address assigned to it yet.
I receive this error when configuring a tunnel monitor to the IPSec tunnel. I'm guess
...
Hello,
In a scenario with two palo alto firewalls where the active firewall fails over to the passive firewall, if there are IPSEC tunnels established are they suppose to automatically come up on the second firewall when the failover occurs or do we
...
Hi,
when adding an dynamic address gorup with a lot of criteria(each or criterias not and)
is there a way to learn which criteria related to which ip address.
when using command " show object dynamic-address-group all" I cannot understand which ip is re
...
I have a VPN setup to a destination that using ddns to keep the hostname across IP changes. This works fine as long as the remote end is initiating the tunnel, but it seems the PA cannot be configured to be able to also *initiate* the tunnel:
When the
...
We are experiencing a timeout across SFTP; while SSH seems to be set to timeout at 120 hours, SFTP transfers are timing out at the 1 hour marker.
Is this an expected result? And if so, can we adjust the timeout for SFTP specifically?
Thank you.
Hi Everyone - I have a 4050 HA pair (4.0.12), 2050 HA pair (5.0.1) and several 500's (5.0.3). I am looking to upgrade the software on all firewalls but have had issues (typically high CPU and memory issues) with all these versions of code. Can you
...
Hello ,
I need to route users between more than 2 VSYS. do you know if it's possible to route packet between more than 2 VSYS. PACKET IN-> VSYS1 -> VSYS2->VSYS3-> out. What is the limitation for the routing inter VSYS
thks for your help!
ALex
We had a strange issue today.
We had a network outage which basically meant that all our DCs that run the User-ID agent were still running, and our PAN was still running, but there was no LAN between the DCs and the management interface on the PAN.
The
...
Hi All,
This problem is a little confusing to explain but I will do my best to lay this out. Keep in mind I have changed the IP addresses to keep examples simple.
I have a Palo Alto 2020 with a basic configuration. One internet connection and One LAN
...
reaper
on:
SSL inbound inspection certificate issue
TomYoung
on:
One Global Protect Portal and Two Global Protect Gateways in One Firewall
OtakarKlier
on:
Restricted tcp flow throughput in a VPN tunnel
reaper
on:
password reset for user through support.paloaltonetworks.com
reaper
on:
Panorama Push Error
OtakarKlier
on:
Disable USB Port on Firewall
PavelK
on:
Web Auth FW with HA
