General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! VPN Authetication with client certificate

Hi, if I configure VPN authentication with client certificate, it will be necesary to enter password?.

I don't know if with client certificate you don't need user and password as I've seen in other scenarios. Reading documentation from Palo Alto seems

...

ssancho by L2 Linker
  • 1484 Views
  • 2 replies
  • 0 Likes

Panorama in HA

Hi there!

I would like to know if someone is using the Management Panorama in HA (Primary and Secondary). I was looking for information about, but i could not find anything.

Thanks in advance!

Angel.

Resolved! User-ID Agent XML config and debug

Have successfully installed the UserAgent 4.1.2-2 and it is merrily discovering user authentication events.  It is VERY keen to tell me all of this in the UaDebug.log file.


How do you reduce the verbosity - there's a "file" somewhere but it's not givi

...

PA 2020 Active/Passive HA

I am configuring Active/Passive PA 2020 firewall for clustering . I have configured all the parameters for HA including the links(HA1 and HA2). Also the firewall are connected and both the HA interfaces are showing up. I am making One PA Firewall as

...

itsecll by L1 Bithead
  • 2351 Views
  • 6 replies
  • 0 Likes

address-group limitation

Hi @all,

we’re using a PA-5020 active-passive Firewall-Cluster.

We recently noticed that the address-groups are limited to 500 items per group. As we have a list of nearly 1500 items (ip-address and network-addresses) to manage, I want to ask whether

...

Wirecard by Not applicable
  • 1147 Views
  • 2 replies
  • 0 Likes

No username in source-user column of PA-500

Hi All

I have upgraded to  PANOS 4.1.2 and user-id-agent 4.1.2-2 in my lab, however when i complete config, and can not select any domain\username in the source user column, but i can sure the connection is ok by command >show user user-id-agent stati

...

Resolved! User-ID agent 4.1.0 service logon account permissions.

User-ID agent 3.1.0 ran quite happily on our Domain Controller under a regular domain user account (no group membership apart from the default Domain Users, and I guess "Ran as service" was granted automatically during the installation).

The new versi

...

ST1985 by L1 Bithead
  • 6734 Views
  • 7 replies
  • 0 Likes

Anyone tried REVERSE PROXY on PAN

Hi,

I was just wondering if anyone was successful in implementing Reverse Proxy solution on the PAN.  As far as i know, Palo Alto does not do Reverse Proxy, but was even told that there was work around for it.  Anyone who has been successful in acheiv

...

Custom reports using different log archive

Hi all,

we are trying to create a custom report in which we want to include fields that belongs to, for exemple, the URL log database and wanted to add a field that is contained at the traffic log (bytes, for example).

Is it possible?

Best regards,

comip by L2 Linker
  • 1400 Views
  • 3 replies
  • 0 Likes

Captive Portal Persistence

Greetings,

A little background.  We have a wireless guest network at multiple facilities.  Currently we have Juniper wireless deployment and use their "SmartPass" product for guest authentication.  This gives us two things:

  1. Provides a splash page that
...

mrsold by Not applicable
  • 1513 Views
  • 2 replies
  • 0 Likes

Resolved! Packet Capture/Debug Flow based on an IPSec VPN

Hi

I am looking for a way doing a packet capture (or Debug Flow) with a filter based on a defined VPN Connection. The only thing I found, was a filter like "debug dataplane packet-diag set filter match ingress-interface tunnel" but with this I am not

...

User_333 by L2 Linker
  • 4457 Views
  • 4 replies
  • 0 Likes

Problem in RESTful API with predefined application

Hi,

Trying to retrieve list of predfined application with RESTfull api we recieve an error (Firefox):

ML Parsing Error: mismatched tag. Expected: </default>.Location: https://<server>/esp/restapi.esp?key=<key>&type=config&action=get&xpath=/config/prede

...

Resolved! LAN issue with PA200

Hi

gotta really wierd problem...

PA 200

configured for DHCP

eth1/2 Layer 3 IP address 10.130.8.25/24

default route via eth 1/2

eth1/2 connected to port on CISCO 2960S switch

PC connected to port on same CISCO 2960S switch

IP config IP Address. . . . . . . .

...

sue_town by Not applicable
  • 1896 Views
  • 3 replies
  • 0 Likes
Top Solution Authors
Top Liked Authors