Active Directory Users not Authenticating to GP

Hi,

We configured agentless User-ID with our PAN OS 5.0.2. We created policies using the AD usernames and it is working fine.

However, We are trying to configure our GP to authenticate using the AD users. This is not working and we are getting the foll

Update routing table based on PING results

Does anyone know if the PA supports dynamically updating the routing table on a PA FW based on PING results?  Some vendors refer to this as IP SLA.

thanks

Daniel

Best practices for HA PANs and switch stack

For this scenario, assume a simple setup. Two firewalls in HA and two switches in a stack. Also assume the firewalls are in active/passive. Consider the below setup, each firewall has one physical link to separate switch members of the stack.

In this

Voip external server

I'm experiencing an issue with a connection to an external voip server.

Directly attached to a PA-500 ethernet port there is a patton (fxo voip appliance).

Now, I'm allowing any traffic to outside, any application.

When I surf from that interface I can

Global Protect - Split Tunnel

Is it possible with global protect and split tunnel setup to have policies applied for url filtering to the local client so that sites can be blocked in split tunnel mode?

show vpn flow: Should "tunnel mtu" be renamed to "suggested tunel mtu"?

Hello,

Can you answer these questions regarding the tunel mtu that appears in the output below?

cstankevitz@PA-500-Local> show vpn flow tunnel-id 27

tunnel  Sterling

        id:                     27

        type:                   IPSec

        gateway i

Ipsec VPN traffic issue

   why we are getting CISCOVPN traffic flow on VPN. please suggest.

Global Protect Client, portal error message: Client Certificate Error

We have upgraded 5 of our BranchOffice firewalls from 6.02 to 6.03 yesterday. All updates went fine except one: 

We are going to get an issue as soon as we want to connect via Global Protect to the Gateway. The window "Client Certificate Error" pop

Can Throughput Information be Pulled via SNMP for Aggregate Interfaces?

SNMP can be used to get packets per second and bytes per second information for individual interfaces but not for an aggregate interface. Statistics from the individual ports need to be added manually in order to get the throughput of all the interfa

PPPoE issue

Hi Support Team.

I have problem with PPPoE on Palo Alto PA 3050

I config with true User and Password.

my ISP reset MAC already.

But PPPoE still failure.

Pls help me.

Thanks

PAN 5050 HA

How do I cable up a pair of PALO 5050's for HA?