General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! Setup SSL Inbound Inspection with 3rd party certs

Greetings!I have a SharePoint server in a DMZ and would like to setup SSL Inbound Inspection. Is it possible to set this up if I am using third party (GoDaddy) certs? I tried exporting the cert from IIS and uploading to PA; it allows me to select in the inbound decryption policy but it is NOT decrypting the traffic.

SDorsey by L4 Transporter
  • 11282 Views
  • 13 replies
  • 0 Likes

Cert authority to use

We got a wildcard cert built off of a CSR from a windows machine. However attempts to put it on the palo alto device have all failed.previous tickets on that were a run around between here and go daddy. PA believes it look all good and go daddy cant do anything when i try to build a CSR off of the PA device, GD just doesnt recognize it and the...

rhawley by L0 Member
  • 3306 Views
  • 2 replies
  • 0 Likes

user reporting per domain - user.src wildcards

Hi,we have an environment existing out of a forrest containing 15 different domains, all managed by different admins.Since we want to inform local domains on their users internet behaviour, but we don't want them to look into the numbers of other domains, i would like to apply a wildcard to user.src so we would be able to set for example user.sr...

moorken by L0 Member
  • 2715 Views
  • 1 replies
  • 0 Likes

Netconnect and Zscaler issue

Hi,somebody tried to use a cloud based proxy provider like zscaler to use together with Netconnect.ssl vpn ?The proxy uses AD authentication to make sure the client is a member of....customer. No problem so far.When the user wants to initiate a Netconnect session, the panconnect crashes with an unknow software exception....Only way to bypass thi...

gejac by Not applicable
  • 4291 Views
  • 1 replies
  • 0 Likes

Resolved! Number of Users on Local Database

Hi all.Palo Alto have Local Database to define User.But I do not know the number of users that PA can create and manage by Local Database.Pls help me know.Thanks.

dat.tran by L2 Linker
  • 4978 Views
  • 1 replies
  • 0 Likes

Additional authentication for specific zone

Hello everyone,Is it possible to request an additional authentication for a specific zone with PAN-OS 5.0?The requirement would be to have regular userauthenticated through regular ActiveDirectory/NTLM for regular zones. However for very sensitive zone, a Captive Portal would be requested with additional authentication requirements (e.g. RSA). I...

A general web proxy server deployment with PAN box

Hi All, I think this topic has been discussed in the past, but I want to be clear about this deploymentsince web proxy server design is still typical in many customer's live network. So please allow me to bring this again.2 basic deployments are mentioned in the past. These deployments are:(1) Place PAN between users and a proxy server. It would...

tomimma by L1 Bithead
  • 5068 Views
  • 5 replies
  • 0 Likes

Allowing some protocols from any user/port?

I am curious what others are doing for some protocols: Examples: DNS, ocsp, STUN, meraki, apple push notification, etc. It seems to me that these sorts of things could be let go for pretty much all users, anytime and be excluded from the captive portal. Correct?I have a couple fo reasons for this question:1. I am having issues with Facetime...

BobW by L4 Transporter
  • 4213 Views
  • 2 replies
  • 0 Likes

Blocking pictures with GPS Data

I'd like to use the PA to block pictures that contain GPS exif data in jpeg, tiff, and other uploads to social media sites. Has anyone done this already?

PANoJAM by Not applicable
  • 4249 Views
  • 4 replies
  • 0 Likes

Commit failed

Hi everybody,Device: PA-2050Firmware: 4.0.1we are getting this error message when we try a commit.What is happening when this appears and what can we do?A rollback to a further config version is not helping.Error message:Management server failed to send ID request to client deviceCommit failedOn Web-Gui and on CLI!ReagrdsChristian

indevis by L2 Linker
  • 14909 Views
  • 15 replies
  • 0 Likes

Monitoring - source user not shown in log

Although the "agentID client" is installed on one of our domain controller boxes, I find that when using MONITOR log to look at the traffic, it doesn't show the "source user" of whom is currently logged in via Active Directory. Any idea why?In addition, the monitor log will show the ip address and it will "resolve hostname" when checking the box...

Resolved! PA-500 IPsec VPN

Hi all,I have a general VPN tunnel question.. Was do the status lights on the IPsec tunnel indicate (see below)? I understand green is goo and red is bad, what I don't know is why is there two? I can surmise that the second one is the "IKE Gateway/Satelite" but what does that really mean? does that tell me that my phase one IKE settings are righ...

FAO: PAN. Brightcloud Server Down / Miscategorization of websites based on Dynamic dB on version 3955. Why??

Dear Palo Alto Networks,Off late, I have been seeing some bizzare issues with Brightcloud services version 3954 and 3955. As per what I could see under the system logs, on 09/10/12, the brightcloud server could not receive data and there was failure in retrieving data (in-spite of having all the network connections checked and were absolutely f...

  • 24400 Posts
  • 123 Subscriptions
Top Solution Authors
Labels