General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Certificate Bundle

Hi,I'm get error on commit: "Warning: cannot find complete cerficate chain for certificate Certificate_Bundle"I notice there are three bundles in the device certificates, but how do I know which bundle is being used?How to I test this without breaking it.....Thanks

asabadin by L1 Bithead
  • 6048 Views
  • 6 replies
  • 0 Likes

How to read SNMP Values from VPN-Tunnel-Interfaces?

Is it very easy to read SNNP Values from physical interfaces:Connect the SNMP Browser to the PASet the right Community password:PA shows you the interfaces - but only the physical IFs.How to read SNMP Values from VPN-Tunnel-Interfaces?RomanSee: Palo Alto Tunnel Interfaces | thwack

rkra by L2 Linker
  • 3282 Views
  • 4 replies
  • 0 Likes

Resolved! GlobalProtect Client and Windows 8

PA-200Software version 6.01GP Agent 2.0.4I've installed GP client on perhaps a dozen workstations, and finally have one that will not authenticate. Help.Installed the machine certificate okay, installed the agent. Opened the app from the system tray, put in correct credentials, click 'Apply' and .. nothing happens.Where do I begin troubleshoot...

bdunbar by L3 Networker
  • 7329 Views
  • 6 replies
  • 0 Likes

HA failover when 1 port loses conectivity

Looking for ways to setup a PA5020 pair for HA that takes into account if the link to one interface goes down the system fail over. I have hear of possibilities of using a "HEARTBEAT" up the link to cause the failover when it fails.

Resolved! Captive Portal Authentication - External and Local Domains

Hello Everybody!Our Captive Portal is configured to authenticate according an "authentication sequence" LDAP based (LDAP-Local-Auth). We set 4 different AD servers from different Offices as per belowCaptive Portal can authenticate only for first 2 servers.... When users from AD-MEX try to authenticate they receive this pageAt monitor > system...

Software Update Issue

Last month I upgraded to 6.0.4 with no issues. I upgraded my primary, then upgraded the secondary five days later. Again, no problems.When I upgraded to 6.0.5 h3 (this past weekend), the PA would not pass traffic. I returned to 6.0.4 and traffic restored. I then tried 6.0.5 and had the same problem - no traffic.I followed the same procedures as...

Resolved! LACP support

Hi All,Is it planned on some road map to have support for LACP (Link Aggregation Control Protocol, 802.1ax) on PAN firewalls?Regards,Tician

Tician by L3 Networker
  • 4347 Views
  • 2 replies
  • 0 Likes

How to use dynamic block list?

Hi All,Kindly help me to understand this, How to use dynamic block list? how it will work? and where to use this ( in policy)?Regards,Gururaj

Gururaj by L4 Transporter
  • 6087 Views
  • 6 replies
  • 1 Likes

microsoft ntfs file sharing

hii have 2 zonesmy storage (storage is configured as cifs) is in one zoneusers in other zonei need to allow the users access to the storage using only standard Microsoft file sharinghow can i do that ?

Application Delivery Controller

Hi All,I know this may not be the correct place to discuss this however where I am I don't get the best response to feature requests.What I was wondering is there any chance PAN is looking to create a load balancer (ADC), as it is the one area of our networks that is missed by the PAN devices as any traffic they see is SSL passed through to our ...

bcsgroup by L2 Linker
  • 9264 Views
  • 6 replies
  • 1 Likes

Resolved! Url Filtering

I am trying to figure out url filtering. My company has me blocking web-based email url category. I have just been asked to allow certain users access to https://gmail.google.com so I created a custom url category and placed https://gmail.google.com in it and then created a rule with the source interface, the domain group and the destination ...

markk96 by L3 Networker
  • 4843 Views
  • 6 replies
  • 0 Likes

Resolved! multiple users same machine privileges crossed

currently have a customer using radius authentication on the wireless and user-id on the PA. The problem is when two different users use the same machine. Teacher logs in and gets a policy applied to the session going through the firewall and she logs out and a student logs in to the same machine, that student has the same privileges through the...

Zone protection UDP flood tuning

So, UDP Flood protection on my untrusted zone kicked in for the first (and second) time last night. The end result was not passing traffic each time for about 5-10 minutes. I'm guessing that the CPU (2050) was just spinning its wheels the entire time. I'm just (blindly) using the default values:admin@PA-2050-1(active)> show zone-protection zo...

MCmgt by L2 Linker
  • 8649 Views
  • 4 replies
  • 0 Likes

Resolved! HA dedicated to Fiber

I'd like to move my HA connection from the dedicated ports to fiber ports, however I don't have the option do change the port. Am I able to do this? Do I have to disable the HA first? Lastly, will I be able to keep the remaining settings?If I am able to do this, is it advisable? I recall from training that running the HA over a network wasn't a ...

Global Protect SSO user id

I have a portal and 3 gateways setup working with LDAP and active directory. It is setup to use user-logon with Single Sign On. All this works without issue. What I am having issues with is I have my firewalls intergrated with LDAP and Active directory groups, I use these groups for policy rules. What I am seeing, is that the Global Protect u...

markk96 by L3 Networker
  • 7137 Views
  • 10 replies
  • 0 Likes
  • 24404 Posts
  • 123 Subscriptions
Top Solution Authors
Labels