Did you know that you can help your fellow community members by accepting solutions when a reply answers your question Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature
...
Is there (or will there be) a vulnerability signature we can use to block exploit attempts?
Hi
In one of my customers (Pan-OS v4.0.7) with eDirectory I use User-Id Agent (v3.1.2) to get user IP addresses. In that directory I used the "Login Id Attribute Name" to specify 'CN' as the attribute to use for user account because many users didn't
...
I have built access via global protect for remote users and all is working fine except that they cannot access the internet.
1. DNS is assigned (internal)
2. All internal network resources are accessable
3. accessable routes includes 0.0.0.0/32
Any idea
...
Hi all,
I would like to know what the requirements are on HA1, HA2 and HA3 links in an active/active deployment. Is there a formula to calculate this ?
Hi All,
Please give any solution to migrate fortigate redundant interface to palo alto 2050.
I recently determined that activesync clients do not leave any traces in the Event logs when they get their email form Exchange 2007. Problem is I was banking on this as I was building our network.
Do Activesync clients with Exchange 2010 leave event
...
Is there a way to identify Mac users without turning captive-port on and having them login to get to the web? We are willing to do a mac address reservation so the user gets the same IP. We would really like to put this in without any real changes
...
Hi All,
to identify users , i installed user-id-agent in AD, and then i added the user-id in palo alto
the status of the user agent in paloalto is connected, so when i tested the user agent in policies, i can apply just for group that i selected
but i
...
Hello guys.
I could not find any information of multicast processing on layer 2 mode for PAN. I wonder about that how do PAN deal with multicast traffic such as HSRP, VRRP and OSPF (that use multicast addressing) on layer 2 mode.
I believe that PAN wou
...
The wan interface on a PA-200 (PANOS 4.1.6) is set up as DHCP client, receiving ip-address from the ISP. When the lease period is out, the ip address is cleared with this message in System Log:
DHCP client cleared IP address on interface:ethernet1/1 d
...
I am running a PA200 at home with Verizon FiOS. Currently the software is at version 4.1.6. I currently have everything running correctly, but the DHCP lease for the WAN expires every 2 hours. I watched the interface this evening to see what is ha
...
From what I understand from the 5.0 documentation so far, each VSYS needs to be setup with separate userID agent configurations. There is no sharing of user-ID information between virtual systems. Is this assumption correct? I am seeing very inconsis
...
Hi,
Has anyone seen any problems with GP 1.2 and HIPS, particularly the domain check? Since upgrading to 1.2 the HIPS check we have to determine if the PC is a member of specific domains fails. When we look at the client on a PC (running windows 7) it
...
Hi,
Someone ever used this application?
I tried but the agent traffic is seen as ssl traffic. Also the default port of the PaloAlto-UserID-agent is tcp/2009. But the default port is 5009 if I'am correct, so is that a bug?
Regards,
Kevin
I'm noticing that when a user connects to a server using RDP with a different username, the PAN-Agent is reading that username and associating it the user's computer.
For instance, a programmer named 'jdoe' connects to a web server from his PC using I
...
reaper
on:
Tunnel Monitoring
reaper
on:
Global Protect need to ask for password all time we connect
reaper
on:
GlobalProtect Android version 13 issue
