General Topics

PAN-DB URL Filtering Updates

Hi,

We have a couple of PA devices configured in HA mode. I just want  to ask if it is normal that only the active firewall gets the URL filtering incremental updates. eg. FW-01 (active firewall) gets updated to version 2005.12.811 and FW-02 gets stuc

Problem with NAT rules

Hello

Task is simple, give access to 3 IP from Internet to camera on non-standart ports. Ports and  local IP are:

192.168.220.251:554 -> x.x.x.x:554

192.168.220.251:80 -> x.x.x.x:8881

192.168.220.251:8554-8557 -> x.x.x.x:8554-8557

where x.x.x.x is one

UIA - Not domain user Identification Problem

Hello,

I have a problem/doubt with the user-id and in particular with the identification of the local machine users.

Internet access is only allowed for domain users and if the users enter in their computer with the domain account They don't have probl

HA binding "both option" not working in NAT policy

Dear all,

I've configured my Palo Alto Cluster in a L3 Active / Active cluster setup.

While I was trying to implement a NAT policy (Source Address Translation), it turns out that the only options that are working are: "0" and "1", as a reference to the

PANDB is not categorising correctly

Hi

Has anyone experienced this problem and found a solution for it ?

Some examples

www.testbase.co.uk  --  Pandb - religion --           clearly wrong            Brightcloud -  Reference and Research  Training and Tools -- correct     

www. michaelwoo

Network Monitor does not show specific data.

Hi.all

I Have a question about Network Monitor of App Scope.

filter  "Source / Top 10 User / Last 30 Days"

When filtering application is normal.

When I select source of data is not seen among the eight days. (Capture Attached)

Also I was check the Network

Entries in My System Logs

I am getting this a lot.  Anyone know what it means:

EBL(Dyn Block Test) Refresh Aborted. Entry not refrenced by a rule

And the word is misspelled in the logs as well.

User/Group mapping OpenLDAP

Hello.

My situation is:

- GlobalProtect VPN configurated -> user identification via GP then.

- LDAP profile configurated -> authentication works well

- Authentication profile configurated.

- User Identification, Group Mapping configuration:

     - Gro

GlobalProtect client

Hi

Any one familiar with Cisco's ipsec vpn-groups ? just wanted to find out how the concept can be implemented with PA.

Regards

Darlington

Detection of duplicate ip?

Hello,

Got a call from a client said their network is slow and intermittent Internet access.   Found out someone in the office installed a network based webcam that used the same ip address as the firewall interface on that client net.

I checked the f

Traffic Question

I have a customer who is unable to access a site over port_873. When searching the traffic I see that the Source IP to Destination IP are being allowed over port 873 but the application is showing as incomplete. Now, I understand that this indicates

syslog format 2 servers

Hi,

How can we configure to send syslog with CEF format and log format to seperate syslog servers

Does paloalto support that ?

There is only one custom log on the server profile.

Regards

How to install VMware Tools for PA-VM 6.0.0

Hi, I downloaded PA-VM 6.0.0 and spun it up on a VMware server. I am trying to install VMware tools on it. Does anyone know how to do it? I have searched out that the VMware Tools is not compatible with PA-VM. Is it true tho? I cannot find any info f