Did you know that you can help your fellow community members by accepting solutions when a reply answers your question Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature
...
We are using the UserID agents on our servers for ID and groups. Users that login via our AD domain on bound machines are correctly identified and we can apply policies based on group membership. That all works very nicely. We just put captive por
...
Hi - we use Panorama and 4050s all running 4.0.5. We have a lot of rules on this firewall for one reason or another (it's a port from Checkpoint of an internal datacentre firewall where there are lots of non-web applications etc). Anyway, I can find
...
Hi all,
user - better: usergroups - identification is a major point in our evaluation of the PAN-Firewall.
Now when trying to install "PanAgent-3.1.2" on my windows7 laptop the software itself is installed, but the
service failes: "Error Installing Serv
...
Dear All,
Does everyone happened to know if Palo Alto can recognize the PaloAlto-User-Group (Palo Alto RADIUS VSA) if the authenticated user account is not belong to user group that RADIUS Server return?
I want to set the security policy rule and have
...
Hardware: PA-500
Firmware: 4.0.2
Page 17 of the PAN 4.0 Admin Guide says:
"Simple Network Management Protocol (SNMP)—Supports RFC 1213 (MIB-II) and RFC
2665 (Ethernet interfaces) for remote monitoring, and generates SNMP traps for one or
more trap sinks (
Hello,
I have a PA-500 device running on PanOS 3.1.4. I try to update it to last release PanOS 4.0.2. (Direct upgrade allowed following the RN)
I have no Internet conection yet, also I would like to install it from a local file.
I click "Upload", locat
...
Hi folks,
since upgrading to 3.1.10 is the ssl traffic (with decryption on the firewall) by squid proxy significant slower as without using a proxy. Not on all websites, but on some the browser needs up to 1 Minute to display the first page.
I tried se
...
Hello,
I need to create custum raports regarding user web activities based on OU from our AD. Is it possible? And if yes how to do it?
I was trying to create custum raport and then set user.src in our_ad/group, but it doesn't seems to work.
Regards,
Piot
...
Hi,
When I query a custom report, I get Palo Alto log on all pages, I need to replace this logo by a custom company logo.
Kindly advise how I can change this logo, so that the final PDF report generates the company specific custom logo.
Rgds,
Tauseef Ahm
...
Hi All,
Have a PA-500 which is failing on a commit with the following:
How can I troubleshoot this further, I am not sure what it would be refering to.
Thanks
Ma
...
i do not find a hint how to remove any SSL Root Authority in my PAN. How can i announce me the trusted SSL Authorities? Is it possible to remove a single CA like "DigiNotar Root CA".
mfg
Manfred
I'm able to ping the interface and don't see any denies in the log, but when I traceroute through the PA-500 it does not respond.
The rest of the hops do respond, just not the PAN itself.
Hello- I am running PAN OS version 3.1.7. I am running a User ID agent on an application server within the domain but I am not getting complete user ID information in my traffic/threat logs. We have just upgraded to Windows 2008 R2 64 bit domain c
...
I have a PA500 running version 4.0.5 and a PAN-agent running 3.1.2AD.
I see the pan-agent working and connected to the PA-500 when I run the "show user pan-agent statistics" it says I have hundreds of users and all my groups and IP's in the output o
...
I only have a few users currently as this is a new deployment however the very few users I have do not seem to time out. I'm using the latest PAN agent on Win2008 R2.
I have users still mapped who haven't been in the office for over 2 weeks. I have m
...
Raido_Rattameis
TomYoung
on:
Confused about QoS on Palo, need some assistance.
