General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Which is the stable 5.X release?

Hi All,Currently our box is running on 4.1.11 PANOS but there is a problem, Management CPU utilization reaching up to 95% and commit is taking too long time.Just we are looking to upgrade OS to get rigid of the above issue. which is the recommended PANOS?Regards,Gururaj

Gururaj by L4 Transporter
  • 2200 Views
  • 2 replies
  • 0 Likes

Resolved! transfer a URL license?

Anyone know if one can transfer a URL license from one appliance to another of the same model type without a case? This is not an RMA condition.thanks,

blarney by Not applicable
  • 6298 Views
  • 6 replies
  • 0 Likes

Resolved! Captive Portal Login Button

Has anyone been able to change the button on the captive-portal custom webpage to be anything other than the word "Login", for examples where we want a guest only button this sometimes need to read "I Agree" to bind users to an acceptable use policy.

amansour by L4 Transporter
  • 5533 Views
  • 4 replies
  • 0 Likes

SSL-VPN Cliente Update

Hi, i want to upgrade my SSL-VPN client in my PA and I have a couple of questions regarding how it will affect the user.. Update the client SSL-VPN. Users who use this type of connection will receive some notice to update the client, when you try to connect for the first time after the upgrade? they will need to update theis SSL-VPN clients? tha...

Panorama - Restrict Firewall Log Access

Does anyone know if there is a way to create admins in Panorama for specific subdomains AND restrict their access to only the logs for the firewalls in that subdomain? I want to give access to users for only their FW logs and not let them see all of the other FW logs. So far my testing has resulted in this not being possible, but wanted to see i...

chrisp by L3 Networker
  • 4238 Views
  • 4 replies
  • 0 Likes

Resolved! What is a "large" deployment for User-ID on the firewall?

We have a pair of 5020s and about 4000 users on 4 AD controllers. Throughout the 4.0 and 4.1 series, we have seen the Windows-based UserID Agent drop groups and users, and are interested in seeing if native event log polling from 5.0 might help. Target date is mid-March, by which point we hope 5.0 to be somewhat stable.The documentation says tha...

rgraves by Not applicable
  • 7084 Views
  • 6 replies
  • 0 Likes

Resolved! Bidirectional Forwarding Detection

Does Palo Alto Firewalls support Bidirectional Forwarding Detection (BFD). Link to RFC http://tools.ietf.org/html/rfc5880 The reason i ask is it is best practice to use this as a OSPF fault detector in lue of reducing the ospf timers.

Global Protect and Android 4.0.4 - problem

HelloI have working VPN for Windows machines. I need to extend it for Android devices, using client from Android OS.I'm using login and passwords (not certs) in my VPN config.I followed by the GlobalProtect-Config-Android-RevB.pdf - part 3When I try to start VPN on Sony Ericsson Xperia S smartfon I see connecting and after 2-3 minuts - connecti...

_slv_ by L4 Transporter
  • 7215 Views
  • 11 replies
  • 0 Likes

User-ID stopped populating mappings - OS 4.0.12

I am running OS 4.0.12 and have an issu with the user-ID / mappings not populating in the logs. show user pan-agent statistics:IPs Activity Timer(s) Domain Indexncmpdcden01 10.250.12.10 5009 vsys1 *connected, ok 989 906651185 21844256 600 ncm 0show user ip-user-mapping:IP Ident. By...

Is there a way to create a filtered report based on specific countries?

On PA 4.1.I have a custom report that uses the traffic log database, with the top 500 entries for the last calendar day, with the Destination Country column enabled. 95% of the Destination Country results is the USA. I'm interested in looking at traffic to other countries. Is there a way to create a recurring report that will filter out the USA ...

Resolved! What happens when a previously unknown App-ID gets added to PA through dynamic updates? How are others handling this situation?

This is a situation that I brought up at work, that we don't really have an answer to. After I brought this situation up a couple of weeks ago, we actually had this exact problem bite us when an App-ID for SCEP was introduced.Let's say there's a server in a DMZ VLAN that we have built rules for, using a Palo Alto firewall. Let's say that the app...

  • 24396 Posts
  • 123 Subscriptions
Top Solution Authors
Labels