This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4473 Views
  • 0 replies
  • 0 Likes

Resolved! Looking for GPClient for Android

Palo Alto Networks Announces GlobalProtect For Android™ Mobile OSAccording to above press release, it is available now, though I can't find it.It says "GlobalProtect for Android is currently available for download from Google Play™. ".Could somebody tell me direct link for it?Regards,Emr

emr_1 by L6 Presenter
  • 4828 Views
  • 6 replies
  • 0 Likes

packets dropped because of failure in tcp reassembly

Hello all,Here is network diagram as belowJuniper FW(Branch) |Internet |PalAlto (HA A-P) |BackBone - Juniper FWMy customer use IPSec VPN between both Juniper FWs.PaloAlto active device changed from #1 device to #2 device at last week(Link Fail-Over)Then they doesn't connect IPSec VPN.I have checked 'global count' between 2 hosts.It incr...

Resolved! Locked user list

I've been getting this error for a user on our Captive portal:User 'neoguest' failed authentication. Reason: User is in locked users list From: 172.16.10.100.I've searched how to unlock the user but I haven't found any info on that.Can anyone send some info on how to unlock this user because I tried deleting and recreating the same user but the...

VPN & Portal on PA2020 running only Virtual Wires

hiOur network has 3 separate connectivity to the internet and all of them are connected via virtual wire on our PA2020 and the only other network connection is the management port on a fixed internal IP... total 7 ports used (3 pairs for the 3 virtual wires & 1 management).is it possible to setup VPN & Captive portal on such a setup?tha...

RonaldGo by L2 Linker
  • 3348 Views
  • 4 replies
  • 0 Likes

PAN OS 5.0.2 missing route

Did anyone see this situation.We have PA 3020 running 5.0.2 and a route based vpn to another PA box.unable to ping the other side of the tunnel or even the other side's tunnel interface IP address. Weird issue never seen this before.Anyone see this before? Please let me know. ThanksJunaid

LDAP Authentication for Global Protect

I am new to LDAP so I'm looking for some help. I have Global Protect setup to authenticate via LDAP using the following:base: ou=People,dc=company,dc=combind DN: uid=fs01,ou=Special Users,dc=company,dc=comThis works. I've confirmed via the system logs.I'd like to have the PA firewall authenticate ONLY users within a specific LDAP group:dn: cn=vp...

mario11584 by L4 Transporter
  • 28276 Views
  • 10 replies
  • 0 Likes

Resolved! System log severity change

Hello!Is there a way to change the severity level of certain system log messages? The PANOS is 4.1.9The issue we are having is that our customer is "spammed" with e-mail notifications from their HA devices that the signature versions do not match.Both devices are scheduled to download-and-install new content every night at the same time, indepen...

Implementing User Identification via AD

Hi everybody,I'm trying to implement user identification via active directory on PA-200. I've added the AD server under Device -> LDAP and added group mapping under Device -> User Identification.Now I guess I need to install user-ID agent on a local machine but I can't find a download link for this app. Is it possible to implement user ide...

How to restrict a vlan to get only the 360p from youtube?

Hi There,Our's is a school and students are always watching youtube videos in full HD quality which makes the bandwidth utilization to the peak. We don't want the students to watch youtube in HD but force them to 360p which is comparatively less bandwidth consumption. Is there any way to accomplish this in PA 2050 with 5.0.3 OS version. I really...

ajay by Not applicable
  • 7234 Views
  • 7 replies
  • 0 Likes

Resolved! Is there a way to force the GlobalProtect client to not connect if the client sees certificate shenanigans?

What I mean by the title of this discussion is that when the GlobalProtect client goes to initiate an SSL VPN session, instead of prompting the user to "cancel or continue," can the client respond to the user with something like "Invalid certificate detected. Due to security concerns your connection cannot be established at this time. Please cal...

Create Policy based on workstation name and AD group membership?

I'm wondering if there is a way to create a policy based on workstations in a certain AD group. Here's what I'm trying to accomplish... I want to have a security group in our Active Directory, say "Privileged Workstations" for a name. Any workstation that is a member of the "Privileged Workstations" group will have a static IP and will need t...

promsos by L1 Bithead
  • 4545 Views
  • 4 replies
  • 0 Likes

Resolved! any way to inject a parameter into a url

Hi I am trying to resolve the issue with the new google safe search changes that have happened. I am from a school and we are having issues with students being able to search for inappropriate content on google images due to their recent changes of not forcing strict safe search on. Previously we have used the work arounds that are on articles 1...

Resolved! Global Protect does not work

HelloI'm running the PAN OS 5.0.2.I'm getting the following error with my GlobalProtect:(T4364) Error(11792): failed to SetDoc. Message: errors getting GlobalProtect configWhere is my problem?Here is my config:<global-protect> <global-protect-gateway> <entry name="GPG_xxx"> <roles> ...

  • 24379 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks