General Topics

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer!

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

Resolved! Can I look ACC of some devices in Panorama?

Hello

There are Device-A , Device-B and Device-C FWs.

All FWs forward all logs to Panorama.

I want to look ACC included only Device-A and Device-B in Panorama.

Is it possible?

Thanks

Resolved! Client certificate and LDAP authenticate on Global Protect

Hello

I have a question.

My customer want to use Global Protect.

He want 2-factor authentication.

User authentication client certificate on 1-factor.

And then user authentication ID/PW to Active Directory by LDAP on 2-factor.

I have searched and seen below

...

Resolved! Are there way that fw forward url & data filtering logs to ESM system by syslog??

Hello,

I know there are not log type of url & data filtering on syslog server profile.

But my customer want to receive two logs to ESM system by syslog.

Are there ways?

Please let me know it if there are.

And I have a question.

Panorama is received this lo

...

Resolved! Help setting up internet connection

Hi there

We're in the process of cutting over to a new internet connection and I'm trying to get our PA 2050 configured to handle to new IP range but I'm a bit stuck. We've been assigned the 111.69.54.112/28 subnet with 111.69.54.113 being the default

...

Log Type Unknown

How do I figure out what the log type I have is when its showing me "unknown" for the current type?

*edit* Sorry they are assumed for the IDS/IPS

Global Protect Welcome Page with ActiveX

Hi Guys,

is it possible to customize the welcome page of Global Protect with ActiveX scripts? I need this to run Active Directory login scripts automtically after a connect with Global Protect.

Cheers

Dirk

GlobalProtect client pre-/post-connect commands?

Hello,

Do someone know, if i can set pre- or post-connect commands at the GlobalProtect client?

Background:

i want to start a service after a successful VPN connect via DOS command (sc.exe).

thanks

regards

Robert

Global Protect too many outstanding keep alive

Hello guy's

did Someone see this kind off message in global protect agent log on windows device.

message :too many outstanding keep alive

and just after this message a logout is innitiated

the VPN session is mount conntected and after less than 2 min a

...

Resolved! PAN as an explicit proxy?

Hi all,

I have a simple question, is it possible to make my PA-3020 work like an explicit proxy ?

I configured URL Filtering and I would like to adress web requests to the PA-3020 just like if it was a real explicit proxy...

Many thanks in advance.

Rudy

Is there a possibility of Palo Alto releasing rule content, similar to the way Sourcefire/Snort handle IDS rules?

We have Palo Alto appliances and we have Sourcefire IDS appliances running side by side in various configurations at work. I can't emphasize enough how convenient it is to be able to have an IDS event fire off from our Sourcefire boxes, and when I dr

...

Alarm on device

Hi,

We've did a little bit of testing on Palo Alto device and kind of want to know something about Alarm that we still can't produce the issues such as

- At what temperature or percent that device will generate an Alarm

...

Resolved! virtual-wire ARP issue

hi!

i have a topology of 2 cisco routers connected to e1/1 and e1/2 in a virtual-wire deployment. there is only 1 policy on the PA, permitting all traffic, and all VLANs are permitted through the v-wire.

the problem is that when i try to ping from R1 t

...

Resolved! empty user list

Hi,

Device stopped to take user information from agent.Show user ip-user mapping all comes with 0 user.Passive device works fine.it shows all users.

Agent connection is fine for both device.Any idea ?

restarted user-id with debug command but did not sol

...

IPSEC VPN with a CISCO 880 series router Dynamic IP

Has anyone setup a IPSEC VPN with a CISCO 880 series router Dynamic IP?

Resolved! MS-RDP and t.120 -> application: not-applicable

Hi,

I have a few rules that only permit ms-rdp and t.120. A new rule was implemented last week that permits ms-rdp and t.120, just different source addresses. The other rule can see the ms-rdp application but for the new rule, it shows up as applicati

...

Discussions