This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

User-Id Agent no longer showing domain

I setup the user id agent with the PA for an organization several months back. They reported it not blocking correctly so I logged in to take a peek. The PA used to report their username as domain\user but now it is just reporting the username (with no domain) which explains the rules not matching correctly.Their PA was last updated a month ago ...

SDorsey by L4 Transporter
  • 3129 Views
  • 1 replies
  • 0 Likes

Resolved! ftp export log traffic query example?

Can someone provide an example of the valid parameters and format for the query statement used in an FTP export? My immediate need is to limit to a specific vsys, and the size is too large to do through the GUI.I know the base command is this: ftp export log traffic start-time equal 2012/07/26@20:59:00 end-time equal 2012/07/27@21:05:00 to a...

u11756 by Not applicable
  • 3383 Views
  • 1 replies
  • 0 Likes

Resolved! How to Clear (remove) Pending CFG Changes

So I have a few changes that are in the candidate config waiting to be committed.However there are a few changes in there that I dont remember doing and they make me a bit nervous.How can I clear the candidate config so there is nothing to commit? I dont see an option to do that.Maybe I should save the current running config (which im happy with...

choff123 by L3 Networker
  • 13761 Views
  • 2 replies
  • 0 Likes

Resolved! Brightcloud update in Palo alto

Hi,On startm, I just want to stating that im french. You may have some difficulty to read next ! Its a question about how Palo Alto take new update of Brightcloud URL DB.We replace WebSense by Palo Alto, because PA manage more then just HTTP and a few of apps. a HUG more. so far PA is a great product. But...In WebSense, when i was asking a rec...

Resolved! reverse proxy key doesn't match certificate

We deployed our PA last month, generated an SSL certificate (forward trust, forward untrust, and trusted root CA), and created SSL decryption rules. Since the creation of the rules we are getting weekly medium system alerts (8 of them) stating "reverse proxy key ['cert_name]' doesn't match certificate issued to '1.1.1.1'." There are others tha...

sconley by Not applicable
  • 7182 Views
  • 1 replies
  • 0 Likes

ISP Failover and Global Protect (Routing Issues)

Hello All,I have a pretty simple setup here - single PA-2020 with dual ISP's (One Virtual Router). We're also using Global Protect (SSL VPN only) currently. I seem to have an issue that I cannot sort out.ISP failover works great through the use of PBF. All inbound services (policies and NAT continue to function) just fine...but here's the kic...

Pan Agent Clear clear user-cache all issue

Hello,I've an issue with a cluster of PA500 running PANOS 4.1.7.I'm using User Agent (release 4.1.5-1 installed on two 2008R2 servers) to authenticate users.When I clear the user cache (with the command 'clear user-cache all') on the firewall, the cache is NEVER populated again.All users are marked as 'unknown' in the output of the command 'show...

licenselu by L4 Transporter
  • 3133 Views
  • 1 replies
  • 0 Likes

Resolved! Security Policy to block Dropbox

I have created a security policy to block Dropbox traffic, but so far it is not working. In my policy I have chosen:Source: Destination Zone: User: Destination Address: Application: Service: Action;trust untrust Me (as a test) d...

Resolved! Radius PSK limitation

Hello,Can somebody from paloalto give the limitation of the shared secret word size and characters that we can use in the RADIUS Server profile ?(I had some trouble to use complex secret with 64 characters with Windows 2K8R2 NPS))

u5128 by Not applicable
  • 4329 Views
  • 2 replies
  • 0 Likes

Resolved! Multicast stream from one VR to another.

Hi,We have a IPTV multicast stream coming in on one of our virtual routers, and its working very well for all networks in this VR.However, when we try to "route" this multicast stream to another VR on the same box, we can't make it work.We have basically the same setup on this VR, except that we use "Remote Rendezvous Point" instead of the local...

johnd by L2 Linker
  • 3187 Views
  • 2 replies
  • 0 Likes

VPN SSL & Linux

Hello,Here are some questions about VPN SSL Linux support :- When do you plan to provide a Linux SSL client ?- It would be great to not need the root privilege to be able to download and/or upgrade the VPN client.Thanks :smileycool:

bdaussin by L0 Member
  • 15258 Views
  • 29 replies
  • 0 Likes

Committing Firewall changes

Does committing firewall changes bring the firewall down or will it remain functional while updating the configuration. I basically want to know if I can commit a NAT policy change without bringing down my tunnels

Bagar390 by Not applicable
  • 4086 Views
  • 3 replies
  • 0 Likes

Resolved! User identification

Hi,I´m trying to configure the User Identification based on LDAP to Win2K8 Domain Server.Apparently everything is fine - I can connect to AD Server and see the directory in User Identification -> Group Mapping Settings -> Group Map ProfileMy problem is that just groups are displayed, no users and no computers.I think that that maybe it is ...

rrunge by Not applicable
  • 4954 Views
  • 1 replies
  • 0 Likes
  • 24381 Posts
  • 123 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks