General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! Mac Users and User-ID

Is there a way to identify Mac users without turning captive-port on and having them login to get to the web? We are willing to do a mac address reservation so the user gets the same IP. We would really like to put this in without any real changes to the users. Thanks for any help on this.

expoffsol by Not applicable
  • 7650 Views
  • 7 replies
  • 0 Likes

Mapping users with user agent

Hi All,to identify users , i installed user-id-agent in AD, and then i added the user-id in palo alto the status of the user agent in paloalto is connected, so when i tested the user agent in policies, i can apply just for group that i selectedbut i can't see the users on paloalto , rather thant i see the users connected with there address in u...

atelcom by L3 Networker
  • 8882 Views
  • 9 replies
  • 1 Likes

How PAN deal with multicast traffic on Layer 2 mode.

Hello guys.I could not find any information of multicast processing on layer 2 mode for PAN. I wonder about that how do PAN deal with multicast traffic such as HSRP, VRRP and OSPF (that use multicast addressing) on layer 2 mode.I believe that PAN would bypass and forward multicast traffic but I'm not sure.Please answer me above question.ThanksRe...

ttongfly by L3 Networker
  • 3661 Views
  • 1 replies
  • 0 Likes

Resolved! DHCP client on wan interface - ip cleared

The wan interface on a PA-200 (PANOS 4.1.6) is set up as DHCP client, receiving ip-address from the ISP. When the lease period is out, the ip address is cleared with this message in System Log:DHCP client cleared IP address on interface:ethernet1/1 due to: Lease expiryThe problem is that an admin has to manually request a new ip address, this is...

einar by L1 Bithead
  • 17348 Views
  • 13 replies
  • 0 Likes

Resolved! PA200 Dynamic DHCP Client Issue

I am running a PA200 at home with Verizon FiOS. Currently the software is at version 4.1.6. I currently have everything running correctly, but the DHCP lease for the WAN expires every 2 hours. I watched the interface this evening to see what is happening, and about 1 hour in the state changed from "bound" to "renewing", but it never renews un...

ccaruso by L0 Member
  • 5055 Views
  • 2 replies
  • 0 Likes

Resolved! UserID and multiple VSYS

From what I understand from the 5.0 documentation so far, each VSYS needs to be setup with separate userID agent configurations. There is no sharing of user-ID information between virtual systems. Is this assumption correct? I am seeing very inconsistent results between mulitple vsys's when I show a list of users. VSYS1 will show ~2500 users and...

Global Protect 1.2 & HIPS

Hi,Has anyone seen any problems with GP 1.2 and HIPS, particularly the domain check? Since upgrading to 1.2 the HIPS check we have to determine if the PC is a member of specific domains fails. When we look at the client on a PC (running windows 7) it no longer shows the domain under the host info section? It still shows the OS and Host Name as w...

DaveM by L1 Bithead
  • 6529 Views
  • 6 replies
  • 0 Likes

Resolved! application PaloAlto-userid-agent

Hi,Someone ever used this application?I tried but the agent traffic is seen as ssl traffic. Also the default port of the PaloAlto-UserID-agent is tcp/2009. But the default port is 5009 if I'am correct, so is that a bug?Regards,Kevin

RDP and the PAN-Agent

I'm noticing that when a user connects to a server using RDP with a different username, the PAN-Agent is reading that username and associating it the user's computer.For instance, a programmer named 'jdoe' connects to a web server from his PC using IP address 172.16.3.3 using the username 'webadmin'. The traffic logs now read that 'webadmin' is ...

mharding by L4 Transporter
  • 13530 Views
  • 21 replies
  • 0 Likes

Resolved! Globalprotect & Windows 8

Hello,Does anyone know if there are any issues with Windows 8 and Globalprotect?I have a newly installed 64bit Win8 Pro installation with Globalprotect version 1.2.Globalprotect does connect and it says that "services are connected". But I do NOT get any traffic via the vpn connection.Everything seems to be going via the default-gateway as usual...

Resolved! Creating QOS policy

Hi All,While creating QoS policy, its asking only for class but i have created more than one QoS profiles. from which profile the class is considered? or Please guide me to create customized class to use in QoS policy. Thank you,Gururaj

Gururaj by L4 Transporter
  • 2727 Views
  • 2 replies
  • 0 Likes

product sizing

helloi will propose paloaltonetworks firewall to a customer who has 150 user , wich device can i propose ? how can i do the sizing of the product ?thank's in advanceSarah

atelcom by L3 Networker
  • 7518 Views
  • 9 replies
  • 0 Likes

Can't select users in policy

Hi,I am playing with my little PA-200 and wanted to try user based policies. I added a couple of users to the local user database and grouped them into user groups. Now when I create a new policy (or modify an existing one), the source-user field stays empty, my users don't show up so I can't add them. Even when I start typing (for autocomplete)...

  • 24404 Posts
  • 123 Subscriptions
Top Solution Authors
Labels