This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Can't select users in policy

Hi,

I am playing with my little PA-200 and wanted to try user based policies. I added a couple of users to the local user database and grouped them into user groups. Now when I create a new policy (or modify an existing one), the source-user field sta

...

IPSec VPNs using public key signatures

hi!

I was wondering if public key signatures (RSA signatures, DSS signatures, ...) are supported for authentication in IPSec VPN with PAN and if there are any plans to implement it?

cheers,

Andrej

santonic by L6 Presenter
  • 1533 Views
  • 1 replies
  • 0 Likes

Capture files not visible in GUI

Hi all,

We are running version 5.0.1 on out Palo Alto 5020. when we run the packet capture feature, the tracefiles are visible on the CLI, but the GUI shows nothing.

It has nothing to do with filters, the GUI is just empty.

Does anyone have a solution f

...

Gerben by L0 Member
  • 1803 Views
  • 1 replies
  • 0 Likes

Resolved! V5 upgrade QOS statistics not working

We have upgrade to v 5.0, all working fine except that QOS statistics no longer work

This has happened on a 500 and a 2050

we just see a 'No statistics available for this interface' message when statistics are clicked...

aardman by L1 Bithead
  • 4087 Views
  • 5 replies
  • 0 Likes

Resolved! Panorama policies pushed to HA peer

I've got an HA A/P pair where the primary is included in a device group and managed via Panorama.  The configs are sycnhed and everything is matched; however, the peer has no inherited policy from Panorama.  Any ideas?

emelcher by Not applicable
  • 3228 Views
  • 4 replies
  • 0 Likes

UseridID-Agent best practices - where to install ?

I'm new to this world and am looking for some advice of where to install the  UserID Agent.

I'm thinking one of the most efficient places to put it would be a domain controller.

User identification is very important to us and we want to be able to id a

...

jhickey by L3 Networker
  • 11270 Views
  • 12 replies
  • 0 Likes

Resolved! Logging of threats - Possibly to set it globally ?

Hi,

I am in the start of setting up Threat log forwarding to Syslog and/or SNMP-traps.

Do I really have to enter every single rule to enable this logging or is it a smarter way of doing this ??

I really hope that I am not forced to add the same log forw

...

stig by L1 Bithead
  • 2758 Views
  • 4 replies
  • 0 Likes

Syslog via TCP?


I note that the PA-2050 units I have running 4.1.7 PanOS generate their syslogs as UDP/514.  Is there any way to tell the unit to use TCP for syslog messages?

Our SIEM/syslog collector (AlienVault) seems to be missing some of the syslog messages we (

...

Resolved! Data pattern limitations.

Hi All,

"Save the telnet" movement inspired me . I'd like to find out if any one is experiencing same limitations I do:
- " at least 7 bytes" limit in Custom Data Patterns.

- "regex" has very limited capabilities in Custom Data Patterns.

Would adding t

...

abraun by L1 Bithead
  • 3127 Views
  • 1 replies
  • 0 Likes

Alarms - Log DB size over threshold

Hi guys,

It looks like our PA-2050 is not purging old log files from the database. When we log in to the Web UI we get alarms like this:

According to the documentation this error shouldn't occur. The PA box should automatically purge old log entries wh

...

oschuler by L4 Transporter
  • 3146 Views
  • 4 replies
  • 0 Likes

Zone to Zone for OWA/activesync?

Our users private devices are on a separate subnet/vlan and a separate PA zone using the Google DNS servers.  I have been forcing a captive portal in order to enable user ID for these devices.  This has been working fine.

I have set a rule so that the

...

BobW by L4 Transporter
  • 2203 Views
  • 3 replies
  • 0 Likes

Resolved! Panorama: Is it possible to assign an admin role to a vsys?

In Panorama, is it possible to assign an admin role to a vsys? I don't see the option on the admin role tab in Panorama. I only see it on the device itself. Please see attached screen shots as a comparison between the Panorama view and the Device vie

...

bbsoc by L2 Linker
  • 3797 Views
  • 2 replies
  • 0 Likes
  • 23653 Posts
  • 104 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks