General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! authentication profile LDAP

Hi,When l go to authentication profile and select "add" under allow-list for a LDAP connection it does not list all Active Directory Groups from our Domain ?We are currently on PANOS version : 5.0.3I also have the User ID Agent setup on both of our Windows 2008 Domain Controllers using version number : 5.0.1-2

acmi by L1 Bithead
  • 3682 Views
  • 4 replies
  • 0 Likes

Resolved! User Agent picking up domain service account instead of end user

We are running a 2008 R2 domain and the user agent is in and working. However, it keeps showing one of our domain service accounts on many (not all) of the reports and monitoring instead of the actual user that is browsing. We run the same service account that is showing up in the reports for our KACE agent and Sophos agent. Not sure if this ...

Resolved! System fan speeds?

Hi.I've recently implemented a new monitoring system (see thread in the devcentre forums) called Observium, and one of the things it does is read *all* the SNMP sensors out of the Palo Alto devices.I noticed that it was reporting the fan speeds on my PA as really, really high - like, 12000 RPM and above - and I figured it was a bug.But I just di...

darren_g by L4 Transporter
  • 7170 Views
  • 6 replies
  • 0 Likes

Resolved! 5.0.5 Management CPU?

So, I finally got to upgrade my 2020's to 5.0.5 (not been able up to now owing to operational requirements) after hearing from our PA rep's tech guys that it's mostly stable now, and he hasn't heard any bad reports on it.However, it seems the high management CPU bug/issue is back - my Management CPU is now running pretty constantly at around 60%...

darren_g by L4 Transporter
  • 7271 Views
  • 9 replies
  • 0 Likes

iOS Globalprotect VPN question

So I'm going through the document here:https://live.paloaltonetworks.com/servlet/JiveServlet/downloadBody/2016-102-8-14087/GlobalProtect-Config-Apple-iOS-RevD.pdfI have an existing / configured GlobalProtect portal for VPN usage for PCs/Macs. It looks like this (portal and gateway settings):http://imgur.com/Juwdzxqhttp://imgur.com/D9bwEwPIf I e...

bradenmcg by L3 Networker
  • 2770 Views
  • 1 replies
  • 0 Likes

Resolved! GlobalProtect 1.2.2 disabled Windows auto-login

We are rolling out the GlobalProtect client to our campus community and we came across this behavior. When we install the GlobalProtect client, it disables the auto-login feature for some of our Windows machines. This is a non-issue for me, but some of our users are complaining that they have to enter passwords. My question is simply, is this...

mcw015 by Not applicable
  • 4557 Views
  • 1 replies
  • 0 Likes

Resolved! url filtering speed

Hi,When enable url filtering page loads late.Same page loads very quickly when disable url filter.All sites same issue.any idea about that ?

What is 'cotp' ?

Hi,-----------------------------------------------------------------------A new 'cotp' App-ID will be available in the upcoming content update for the ISO transport protocol 8073 over TCP. When allowing applications such as ms-rdp, t.120, and iccp, that use the COTP protocol, a policy change will be required to handle the dependency.------------...

komure by Not applicable
  • 24577 Views
  • 2 replies
  • 0 Likes

Resolved! How to create custom response pages

Hello,I know that the Device -> Response pages menu allows to modify response page, but how can I add my own response page ?What I would like to do is displaying an advertisement page when traffic is blocked during working hours (using schedules).Is there a way to configure such feature ?Kind Regards,Laurent

ldormond by L3 Networker
  • 6866 Views
  • 6 replies
  • 0 Likes

Inbound NAT with DHCP

Hi,Is it possible to do a inbound NAT when the outside/untrust interface is a DHCP client?Here is the NAT rule i`m trying to commit, but thats not working.../kristian

kristian by L3 Networker
  • 2890 Views
  • 2 replies
  • 0 Likes

Migrate subinterface config to another interface

Hi,here is a sample of my configuration.I have trunk link (from a cisco device) to the 1/6 interface, where i configured several subinterfaces.You can see that we have the 1/6.3 in the Virtual Router vr-recette in the Virtual System Recette.And after that I have 1/6.206, 1/6.207,1/6.208 in the Virtual Router vr-sante in the Virtual System Sante....

CRF by L1 Bithead
  • 7088 Views
  • 5 replies
  • 0 Likes

Policy Based Forwarding for Application "Ping"

Hello,i want to make a policy for "Policy Based Forwarding" to route only ping traffic to a different router. Is this possible?I testet a rule with a service "tcp/udp Port 0" -> Don't workI tested another rule with an application "icmp" -> Don't workFor testing suppose i create anoher rule with service "any" and application "any": This rul...

Resolved! When not to use agentless user-id ?

Hi,For big environments it is advised to use user-id agent.How will we be sure ?is there a comparison for this.User number, DC number , ??? any number ? etc...When we should install agent software ?Thanks.

  • 24397 Posts
  • 123 Subscriptions
Top Solution Authors
Labels