General Topics

Resolved! GlobalProtect, Working from Home, Prisma Access and Covid-19

To all, Just wanted to post a message about the Hot Topic right now, which is Covid-19. With all of this going around, everybody's health and safely is the utmost concern. Keeping your hands clean, washing your hands (A LOT), using hand sanitizers, a...

Using an explicit L3 interface for captive portal web form in PAN-OS 3.1.2

Hello,I noticed this in the PAN-OS 3.1.2 release notes :Captive Portal Session Enhancements – The captive portal web forms method of authenticatingand identifying a user’s IP address has been modified to include a session cookie. This sessioncookie i...

No logging from firewall to Panorama

We have panorama installed and 10 firewall devices, reviewing the logs today noticed that only getting logs from two of the devices even though I can install app/content and virus definitions to all of them so communication is working fine. Anybody h...

Monthly PDF Summary Reports

Is there a way to take the daily PDF Summary reports and "roll them up for a monthly" report and send this to email?

Authentication for educational site, before being controlled by PAN

What I'm after is a system that acts as a RADIUS server to authenticate both wired and wireless users over the network via EAP. The network will then authenticate the user and allow them access to specific VLANs, depending on the user and what machin...

SSL VPN Configuration - HELP!

Hi All,I have been strugeling to get set up the SSL VPN on v3.1.3I have managed to get the page to login appearI have managed to be able to loginI have been able to dowload and get the client connectbut for some odd reason it will not communicate to ...

SSL-VPN with Ldap

I´m trying to configure ssl-vpn to authenticate users in ldap server or locally with imported users from Ldap via PAN. The only way that I’ve successful login´s is when I create a local user in Palo Alto firewall. I´ve got connection to Ldap servers,...

Resolved! Captive Portal Logout URL

When using captive portal in vwire transparent mode, the PAN device presents a custom URL for the logon page. Is there an associated URL that can be referenced to log a CP user off? This would of course only be for the source IP address of the reques...

Resolved! historical user active reports

Can someone tell me how far back you can expect to be able to run a user activity report ?

Resolved! Sawmill with PAN URL logs

Hello,has anyone integrated PAN URL logs successfully with Sawmill for detailed reporting?Would need some help on that given that we need to get browse time per user.thanks

license-expired

Our PA2020 has started to categorize all visited URLs as . Nevertheless, our URL Filter License is not expired. I configured the PA2020 to block all URLs when license is expired ... and now that´s what our PA2020 actually does: all URLs are blocked. ...

Resolved! Block SOME not all facebook-apps

Hello,Is there a way to block all facebook-apps except for ones that are listed in a whitelist or some other exception criteria?Thanks,Daniel

PAN OS 3.0.8 to 3.1.1 upgrade and backup file question.

Hi All,I have question regarding PAN OS. Existing i am using PAN OS 3.0.8 and PAN Agent 3.0.2..I want to upgrade to PAN OS 3.1.1 version and the model is PA-500.1. Can i use back my existing configuration from 3.0.8 firmware to load on the new firmwa...

Security Policy for Anti-virus blocks or allows all

Hello,I've watched the video on how to setup a URL filter security policy. It shows the action selected to be allow. When I created an Anti-virus Profile I set it up to block anything on http.I then went and created the Security policy selecting that...

Resolved! Blocking fonts.

I'd like to block users from downloading any OpenType (.otf) and TrueType (.ttf) fonts. Is there any way to block them?I am running PAN OS 3.1.3 and content version 194-663.

Network Interface Setup

I have a rather unique issue in that one of our internal networks is still on a public set of ips. I can't switch it over at the present time, but I am having a problem figuring out how to get the PAN to work for me on this network.My current setup i...