General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

User-ID - wrong user domain

Hi there,We discovered an issue with our User-ID setup in our BranchOffices. Some times the source user is not recognized as <child-domain>\<user> but as <parent-domain>\<user>. This happens from time to time but only for a short perioid of time (less than 30 seconds).Does anyone have an idea on how we could further troub...

oschuler by L4 Transporter
  • 7394 Views
  • 8 replies
  • 0 Likes

Config gmail account to send reports...

Hi,We have our corporate mail in Gmail.We are sending reports weekly using smtp.gmail.com in "Email server profile" but we cant get it. We would need to validate our account in Gmail in order to use it as Gateway.There is any field in the PA config where i can configure my Gmail account in order to validate in the Gateway?......THanks a lot

User-ID agent collecting non-domain user-ip mappings

User-ID agent version 5.0.6-6 seems to collect non-domain user to ip mappings.In fact this is a laptop that is a member of our domain, but I'm logging on with a local administrator. User-ID agent collects it and maps the ip to "hostname\administrator" (as opposed to normal mappings "domainname\username"). User-ID debug logs show it being collect...

dieter_b by L4 Transporter
  • 5295 Views
  • 8 replies
  • 0 Likes

Resolved! multiple ip address affected to interface Layer 3

Hello somebody know why If I want to affect 2 Ip address to one interface in the same subnet like ip1: 12.52.36.2/29 and ip2 : 12.52.36.3/29the result is an overlaping of subnet.and to solve that I have to add the first ip 1 as 12.52.36.2/29 and the second one in that way 12.52.36.3/32.thanks

Gregoux by L4 Transporter
  • 2973 Views
  • 1 replies
  • 0 Likes

Resolved! How to route youtube traffic towards DSL link

Hello everyone!We installed a DSL link in our company and we would like to forward all streaming video traffic towards that link, offloading our main corporate internet link.I saw some docs concerning PBF, but I see that there is not a big list of application for that purpose...I mean, is it possible PA box check that some traffic has APP youtub...

Resolved! Facebook and SSL Decryption

Hi Everyone,I am in the process of evaluating PA. Love the product so far. I have a question. I am working on the App Control. On the Facebook App I can block/drop the entire page but can't stop the subcategories (chat, posting, etc..). I found out what I suspect to be the reason in that when I go to facebook it changes to an SSL page there...

dhopper82 by Not applicable
  • 3637 Views
  • 2 replies
  • 0 Likes

Resolved! global protect and admin UI on the same IP from a data plane interface

what appened if you configure global protect and admin UI on the same ip addresson a data plan interface we decide to affect a management profile interface that allow HTTPS and response page.and we affect one IP to this interface.and we use this same IP for portal and the gateway of global protect configuration.is it possible to access to ADMI...

Gregoux by L4 Transporter
  • 2855 Views
  • 1 replies
  • 0 Likes

Resolved! Multiple IP address affected to L3 interface

Hello AllSomebody know whyWhen You add 2 ip address from the same subnet to the same interface Layer 3 ex ; ip 1 : 12.52.36.2/29ip 2: 12.52.36.3/29you obtain an error lijke subnet overlaping to solve that you need to declare one IP in the subnet /29 and the other in subnet /32like IP 1: 12.52.36.2/29and IP 2: 12.52.36.3/32thank

Gregoux by L4 Transporter
  • 10440 Views
  • 3 replies
  • 0 Likes

MigrationTool

Hi,i am new in town. I am trying to convert a Cisco PIX to PA sintax usin the MigrationToolVM.1.5 (i only have a 32-bit cpu) and i am not abe to create the XML file.Checking Hosts integrity. Looking for hosts with an invalid netmaskName: Gestor Mask: 0I dont see any netmask error at the PIX config. Is there a way to have more details of the erro...

gbarrios by Not applicable
  • 2265 Views
  • 1 replies
  • 0 Likes

Resolved! FTP Data connection broken, need help

ta, Im having a heck of a problem.One zone out to an ftp server is working frie but from another zone the conputers can connect but they cant get file listings of xfer data ata ll. Routing is fine, obviously, the rules they are hitting is ok, NAT and Sec.Both connections go through two VRs to get out to the ftp server. One zone hits two rules, t...

choff123 by L3 Networker
  • 17728 Views
  • 14 replies
  • 3 Likes

Dynamic Objects Error

I’m trying to test using dynamic objects on 5.0 however I’m not sure If I’m missing something?The document suggests the syntax to add a new entry do a dynamic address object is as follows:https://<IP>/api/?type=user-id&action=set&key=<KEY>=&file-name=<XMLFILE> Where IP is the IP address of the firewall under managem...

rds by L2 Linker
  • 3753 Views
  • 2 replies
  • 0 Likes

Resolved! Question about logging and Panorama

Is it possible to have both a Panorama server receiving logs from the gateways AND a syslog server receiving them at the same time? Any examples?I also believe I heard that there is potential to have the feature in an upcoming rev of Panorama forwarding logs to other destinations, like another Panorama or Syslog server. Still in the works?

  • 24396 Posts
  • 123 Subscriptions
Top Solution Authors
Labels