General Topics

Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 191 Views
  • 0 replies
  • 0 Likes

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 873 Views
  • 0 replies
  • 0 Likes

Groups that the user belongs to

Hi,

When we want to look at ip address of a user

show user ip-user-mapping ip  ........

Groups that the user belongs to (used in policy) comes empty.

I tried

debug user-id refresh group-mapping all

Also I can see all gorups on group mapping.

panos by L6 Presenter
  • 2462 Views
  • 4 replies
  • 0 Likes

TS Agent on Citrix XenApp 6.0 farm

Hello,

Our XenApp farm IP range is dynamic and the servers could spin up on any number of IPs within a couple of segments.  Does a TS Agent entry for every single possible IP need to be added on the PAN device, or can I configure it to look at a subne

...

CRHC by L4 Transporter
  • 4222 Views
  • 3 replies
  • 1 Likes

Resolved! How does SSL inbound decryption work exactly?

I am not looking for a guide on how to configure it, there are plenty. What I want to know is how SSL inbound decryption works from an architectural point of view. In the docs it says that once you loaded the webserver's certificate onto the PAN devi

...

Radius Authentication

Hi,

we use Vpn authentication for portal LDAP and for gateway Radius

Users can connect using their names to portal with typing user and password

after that they type another user name and password for Radius.

When we look we see the logs of users coming

...

panos by L6 Presenter
  • 2443 Views
  • 4 replies
  • 0 Likes

Resolved! Excel XLSX recognized as ZIP file

Hello,

I configured a File Blocking profile to block specific file format (like Exe, PE, RAR, etc).

Unfortunately, this profile also blocks Excel file in new format (.XLSX).

No problem, with the old format (.XLS) !!

After reading some doc, it seems that

...

licenselu by L4 Transporter
  • 6034 Views
  • 2 replies
  • 1 Likes

Resolved! Not Receiving Scheduled Reports

Kind stumped on this one. I have some scheduled reports I'm not receiving. I was getting them on a daily basis as configured in the email scheduler but they just stopped one day and no changes to the firewall were made. I've created a report group, a

...

Palo Alto as a route reflector

Hi,

I have a couple of PA-500 clusters and I want to use them as route reflectors for my internal BGP network. There doesn't seem to be anything in the documentation on how to do this but the documentation suggests the Palo will do it, I was wondering

...

Gareth by L1 Bithead
  • 3973 Views
  • 5 replies
  • 0 Likes

Resolved! Some has a problem blocking Youtube Application?

I recently had problems with blocking youtube, I added a policy where I deny the application access to youtube. When I go to the YouTube page and I try to watch a video, the first time if it hangs correctly, but if I try more times with other videos,

...

Resolved! DNS proxy policy

when you create a dns Proxy policy you declare only the ingress interface

or egress interface ?

Gregoux by L4 Transporter
  • 2972 Views
  • 3 replies
  • 0 Likes

Resolved! group member attribute

when you create a ldap profile by default

the group member attribute is defined to member

my question is

member for palo does mean "memberOf" for Ldap group attribute.

and in this way each autentication request is answer with all users nested groups  

...

Gregoux by L4 Transporter
  • 3975 Views
  • 4 replies
  • 0 Likes

https coaching page - Connexion reset depend of browser

Hi all,

Configure a continue action on certain url category. If request in made in http no issue. If request is made in https, depend of your browser, I have

- Chrome V27.0.1453.110 m => erroe page with connexion reset

- FireFox V21 => erroe page with

...

VinceM by L5 Sessionator
  • 3022 Views
  • 5 replies
  • 0 Likes

IPsec X-Auth with RSA On-Demand Tokens

Hi, I have PAN working with RSA On-Demand tokencodes (these are SMS-based tokens) when using GlobalProtect and the management UI but cannot get it to work with IPsec X-Auth. RSA On-Demand tokens work like this:

1) User enters their username and PIN to

...

  • 24007 Posts
  • 115 Subscriptions
Top Solution Authors
Top Liked Posts
Top Liked Authors
Labels