HA binding "both option" not working in NAT policy

Dear all,

I've configured my Palo Alto Cluster in a L3 Active / Active cluster setup.

While I was trying to implement a NAT policy (Source Address Translation), it turns out that the only options that are working are: "0" and "1", as a reference to the

PANDB is not categorising correctly

Hi

Has anyone experienced this problem and found a solution for it ?

Some examples

www.testbase.co.uk  --  Pandb - religion --           clearly wrong            Brightcloud -  Reference and Research  Training and Tools -- correct     

www. michaelwoo

Network Monitor does not show specific data.

Hi.all

I Have a question about Network Monitor of App Scope.

filter  "Source / Top 10 User / Last 30 Days"

When filtering application is normal.

When I select source of data is not seen among the eight days. (Capture Attached)

Also I was check the Network

Entries in My System Logs

I am getting this a lot.  Anyone know what it means:

EBL(Dyn Block Test) Refresh Aborted. Entry not refrenced by a rule

And the word is misspelled in the logs as well.

User/Group mapping OpenLDAP

Hello.

My situation is:

- GlobalProtect VPN configurated -> user identification via GP then.

- LDAP profile configurated -> authentication works well

- Authentication profile configurated.

- User Identification, Group Mapping configuration:

     - Gro

GlobalProtect client

Hi

Any one familiar with Cisco's ipsec vpn-groups ? just wanted to find out how the concept can be implemented with PA.

Regards

Darlington

Detection of duplicate ip?

Hello,

Got a call from a client said their network is slow and intermittent Internet access.   Found out someone in the office installed a network based webcam that used the same ip address as the firewall interface on that client net.

I checked the f

Traffic Question

I have a customer who is unable to access a site over port_873. When searching the traffic I see that the Source IP to Destination IP are being allowed over port 873 but the application is showing as incomplete. Now, I understand that this indicates

syslog format 2 servers

Hi,

How can we configure to send syslog with CEF format and log format to seperate syslog servers

Does paloalto support that ?

There is only one custom log on the server profile.

Regards

How to install VMware Tools for PA-VM 6.0.0

Hi, I downloaded PA-VM 6.0.0 and spun it up on a VMware server. I am trying to install VMware tools on it. Does anyone know how to do it? I have searched out that the VMware Tools is not compatible with PA-VM. Is it true tho? I cannot find any info f

Wrong SNMP Values after Upgrading to 6.0.2

Hi,

after Upgrading from 5.0.7 to 6.0.2 I got wrong values for active sessions information in my monitoring tool. The device it selfs shows a much lower value then my SNMP-network Monitoring tool.

E:G.         

on the device:

At the same time via SNMP

CVE-2014-0198 - Anyone have a signature?

Curious if anyone else is working on or looking for a signature for this vuln: NVD - Detail

DoS vulnerability brought about by a bug in OpenSSL. Is PAN working on a signature by chance?

Details: The do_ssl3_write function in s3_pkt.c in OpenSSL 1.x thr

debug uid group mapping

hey

is there any document describing how to debug agentless group mapping process?