AD Authentication Problem with Secondary Firewall

HI friends..

I am having two Palo Alto Network ( PAN-PA-3020 ) firewall installed in HA  mode (Active-Passive) .

  My problem is when ever my Primary FW goes down or change to passive and Secondary become Active, My Active directory authentication  bec

Problems with SSL-Decryption

Hi,

since a few days, we have more and more websites, which we are unable to login. After further investigation i'm sure there's something wrong with SSL-decryption, if I exclude the IP from encryption the sites work. But formerly the problem doesn't

captive portal issue

Hi All,

We configured captive portal-redirect with local db

when unknown users(who are not in AD,belongs to local db) redirected and web form is authenticated.

But the problem is they can't browse internet. Browser shows" page not loaded" to those user

email notification

Is it possible to set up a notification by email to let you know when one and only one vpn tunnel goes down? I also want to be able to turn it off once I am done troubleshooting

Allow Spotify authentication, but not streaming

It there a way to allow Spotify to authenticate, but disallow streaming (both from web and apps?)

As-is there are only one AppID for Spotify, and this blocks everything.

Users having the app in offline mode has go go online every 30 day to regain new 3

Start VPN from C# or script

Hello!

Is there a way to instruct the Windows GlobalProtect Agent 2.0.3-5 (that ist completely configured for the current Windows User) to Start the VPN from C# (or from within a script)?

Thanks for any Ideas,

Jürgen.

Firewall he is covering under some vulnerability

Hi friends,

Need suggestion

Actually when auditor running Vulnerability scaner tool then on Firewall he is covering under some vulnerability

> Upgrade to the latest version of OpenSSL

>  Use a strong key

>  Disable SSL support for weak ciphers

So for the

DSCP marking over ipsec VPN

Hello,

I inherited a network with 4 sites connected together via 3 PA-500's and a PA-2020. We have implemented Lync for VOIP and I'm having issues getting packets to retain their tags across the VPN (internal to the tunnel is all I want) I can't seem

Filtering Systemlog

I'd like to filter the log in order to get lines containing e.g. "BSS".

It works when filtering the description column :  ( description contains 'IKE protocol IPSec SA delete message received from peer. SPI:0xAB229BB0.' )

It works when filtering the ob

Packet capture filters

Hello.

Does anyone else have problems with defining filters for packet capture in WebUI?

If I understand correctly (there is no info about this in official documentation) all values in the same filter are logically connected with 'AND' operator. And lo

Can not access management by WebUI

I can not access palo alto by web management https://xxx.xxx.xxx.xxx

When I login,it redirect to page login again.

I can access ssh and I see patition root is use 100%.

ssl decryption certificate

HI FRIENDS,

Now days i am facing a challenge ssl decryption certificate. i have a create a ssl decryption policy for block few App -ID after SSL decryption we got certificate error client side any suggestion???

Regards

Satish