Resolved! user-id agent commit issue
Hi team,I have got issue when trying to commit our configuration on User-id agent.User-id agent can not to connect AD without commit.Who have an experience of this, please help.BR
Hi team,I have got issue when trying to commit our configuration on User-id agent.User-id agent can not to connect AD without commit.Who have an experience of this, please help.BR
Whats the maximum latency allowed for HA peering links (e.g HA1 control and HA2 keep-alive) between devices setup in active/passive HA pair?i.e based on the latency can determine the approximate distance that HA pairs can be physically separated.. 1Km .. 100Km? etc. whilst connected via dark fibre.
Hello,I have one vpn configuration question, I hope somebody can help...I am configuring vpn site-to-site in my site PaloAlto, other site is not important in this case.I am making source and destination NAT for the traffic that is used for vpn. The purpose of this NAT is that we have lot of vpn tunnels and we have similar IP networks on local an...
How long will wildfire do the analyze malicious behavior?
HelloI have about 100 polices on my device, some of them has "Log at Session Start" option enabled. Is it posisible to find it from the CLI ?I have very little skills in CLI so please give me the whole CLI command.I realised that my weekly reports are unusable because I have only data from last few days. How I can save some space on PA200 to get...
Hi all,I am running Panorama with two PA-5020s which belong to one device group. The policy for this group applies to both or either firewalls, depending on zones (basically, this is a non-HA pair on two Internet links). One of the 5020s has gone into castors-up mode and is being RMA'd; a replacement is due tomorrow.As Panorama seems to refer to...
I changed a zone in a policy from Panorama but the change doesn't show when in the context for the particular device. Did I miss something? How long for that change to show up?
We are seeing a strange issue with our 4020s (running 4.1.8h2 right now) where, as far as we can tell, partial commits are at times causing some kind of HA event that, at times, causes some already-established RTP streams that are allowed by the policy to change from allowed to a discarding state. This causes our Polycom videoconference systems ...
HelloAs you can see on this forum I have some configurations problems with CP.In the zone where I have CP enabled I have Minolta BizHub c220 device (with static IP 192.168.3.251). This device has scan to email features. After I enabled CP for this zone of course noone email go to user.I checked almost every thread on this forum, but I didn't get...
Is there a script out there yet that someone has written to send user info to the user-agent api?
has anyone got configuration for captive portal on and incoming untrusted public ip nat to private internal address.i need to authenticate incoming connections before they reach the internal server address.under captive portal I have the source as the public nat address and the destination as the internal server address and it does seem to work...
hi,i have a problem with using groups (from windows active directory) in security rules.on our windows active directory i have created a new group fw_finance. we use the PAN user-id agent to get the mapping from ip to user. i mapped this group on our PA-500 (user identification - group mapping settings). than i created a new security rule, that ...
Can i use the DNS proxy feature for all external queries for our public sites?external user queries for www.mydomain.com - instead of our DNS servers replying, could we have the PA do it instead?So we can list out all our public domains and only those will respond?
I am getting a daily notification that states that Failed to check Antivirus content upgrade info due to generic communication error . I have a HA Active/Passive set up on my network. The Active is connecting to updates.paloaltonetworks.com fine and is getting the most recent verison, and there is a Green Dot that connection is okay from the Ma...
Hello,i'm trying to get this constellation running:Two PA 200 behind a DSL-Home-Router and a firewall with a fixed public IP at the passive site.This image is just an example how it looks like....First i want to get the active site ("PA-Active"; PA 200; Version 5.0.6) running...I configured the IKE Gateway, Tunnel interface and also the IPSec Tu...
| Subject | Likes |
|---|---|
| 4 Likes | |
| 2 Likes | |
| 2 Likes | |
| 1 Like | |
| 1 Like |
| User | Likes Count |
|---|---|
| 4 | |
| 3 | |
| 3 | |
| 2 | |
| 2 |

