User ip mapping with only Global Protect

Hi all,

i have a question regarding user ip mapping when only using Global Protect to authenticate users.

Without enabling any user-id agent. Neither external on a server, neither on the firewall.

It works as Global Protect identifies the logged-on user

How to reset webserver access.log?

Hello,

I have out of space on the root partition (PA5020, 4.06). How should i delete webserver access.log?

Regards

MJ

User Activity Reports

I really need some help in the correct process of running a user activity report. I have a request to pull the last 30 days of internet activity on a particular user. Every time I attempt this, I get strange results. Either the info only goes back 3

Switch port interface

Is it possbile to configure one of the ethernet interface ports on a PA 3020 as a switch port?

Pannorama and HA Cluster

Hey

i would like to know how the commit process works when i push commit on pannoaram to HA device group.

1) does Panorama send the configuration to both of the device and then commit it?

2) does Panorama send it only to one device and it commits it to

Destination NAT to address not in same subnet

Hello,

I had a quick question about destination NATing to an address not in the same subnet as an interface on the Palo Alto. For example, let's say I have a site-to-site VPN and I am using destination NAT on one side of the tunnel. When traffic comes

Accessing web systems using main office's IP trough IPSec tunnel

Hello.

We have a few IPsec S-2-S tunnels with different devices on other side and all works nice, but in one of them is required, that users on other side can use internet resources (to get this sides WAN IP address and access few web systems that wit

Is a crossover cable required if cabling a host directly to the PA interface

I have a host directly cabled to an interface on the PA. I am having issues with internet connectivity on this host. I wonder if a crossover cable is required to cable direct rather than traversing a switch first?

Thanks,

Daniel

Problem with IPSec tunnel monitor

Hello,

We have an issue with one IPSec site-to-site tunnel. The PAN usually doesn't recognize when a tunnel is down. We can correct this by setting up monitors on all tunnels with a "wait-recover" action after 3 subsequent failures. This works for all

Panorama commit devices with different results

Hi,

We have a device group in Panorama with 4 devices members. When we've committed changes sometimes devices had the result "Commit succeeded with warnings", because we have some dependence warnings, but one of them has the result Commit Succeeded".