General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Report: Top URL categories per user

I've been asked to run a report on the web usage of a specific department and I happily generated a report of users from that dept in order of how much data they have used. Then the department head asked for it to be broken down so that for each user

...

UKRB by L3 Networker
  • 2018 Views
  • 1 replies
  • 0 Likes

VPN tunnel Site to site failing

hi I had a working VPN tunnel and t was working for more than 100days then all of a sudden it stopped working

and the rrrors i am getting is

IKE phase-1 SA is deleted SA: MY-IP ADDRESS [500]-REMOTEIP_ADDRESS[500] cookie:ea25f2fa99b81f69:000000000000000

...

BBHLTD by Not applicable
  • 3332 Views
  • 4 replies
  • 0 Likes

what is the processor named webapp3?

Hi

Mgmt cpu was reached to 100% during a hour.

i was look into a reason that why cpu usage hit a peak.

processor named webapp3 was  high usage during cpu reached to 100%. (it was almost 95%)

i don't know what is the role of this processor.
Please let me k

...

willstech by L3 Networker
  • 3118 Views
  • 6 replies
  • 0 Likes

Portal Error when using GlobalConnect client

We have 1 PA-500 which we recently upgraded from 4.0.5 to 4.1.4.

On 4.0.5 we used the NetConnect client for several users without any problem.
Now we upgraded to 4.1.4 we need to use the GlobalConnect client.

So I downloaded and activated the 1.1.4 clie

...

Missmatch in App/Threat Version HA

My second PA says it use 302-1357.

But It acctually says it have 304-1366:

Both my PA's say they have 304-1366 installed under "Device > Dynamic Updates"

But on my dashboard they say its missmatch...

Any one know what i should do? Everything works fine b

...

Resolved! Log Details not populating...

PAN OS 4.1.1.  Looking in my traffic logs and then clicking on the magnifying glass to examine the details of an entry. The log details window opens and spins and spins and spins... never populates.  No change no matter which traffic entry I click on

...

cenders by L3 Networker
  • 5457 Views
  • 10 replies
  • 0 Likes

Destination NAT Mismatch error

Hi I'm configuring a new PA-500 and have it working for source NAT going from Tusted to Internet. Now I want to create a destination NAT rule to allow traffic in to a web server located on the trusted net. I have created a rule almost exactly as it s

...

User-ID Agent

Is it possible to use the User-ID Agent to scan the logs from a machine configured as an Event Collector.  I have an event log called "Forwarded Events" which holds centralised logon/logoff events for another tool.  It would be good to leverage that

...

Server profile KERBEROS with group mapping

Hi guys.


I have  a doubt .


When i configure my Kerberos on my server profile , i can`t make group mapping settings to catch my users from AD and make a Policy for them ?

My PAN OS is 4.1.0

In other versions it`s possible to do with Kerberos OR i need to

...

Thiago by L3 Networker
  • 1860 Views
  • 1 replies
  • 0 Likes

Multiple syslog servers under one profile

A client has set up two syslog servers as destinations on one syslog server profile, but only one of the servers is receiving data. Is that expected behavior on 4.1.3? The hope was to be able to send syslog traffic to both devices.

Thanks

James

jcostello by L4 Transporter
  • 3830 Views
  • 3 replies
  • 0 Likes

Resolved! Static IP Address to User Mapping

Is there any way to statically assign a Username (ID) to an IP address on the PA?  I have a very small install with no AD.  There are two computers that I would like to run User Activity Reports on, but they can only be run against a User and not aga

...

njoyzrd by L1 Bithead
  • 2608 Views
  • 3 replies
  • 0 Likes

https://www.google.com does not work on 4.0.10

there seems to be a problem with ssl connect from PA to google.

The browsers shows a timeout. It takes a couple of minutes, until i get an entry in my logfile.

The logfile shows an "unknown application" first (which is denied in my company by default)

...

mhuels by L3 Networker
  • 2693 Views
  • 3 replies
  • 0 Likes

PAN AGENT CAPACITY BY VSYS

hello,

I have seen the following information for pan agent capacity

Capacity

User Identification capacity limits:

• The PA-4000 series can support up to 64,000 concurrent users; the PA-2000 series can

support up to 47,000 concurrent users.

• Up to 640 grou

...

alle by L3 Networker
  • 2098 Views
  • 3 replies
  • 0 Likes

Blocking Google Drive ?

Hi,

We are relatively new to Palo Alto appliances, but are wondering if we can block Google Drive already?

We did some searching in the application objects database + on this forum, but we cannot find it for now...

Is google drive available yet for scan

...

  • 24284 Posts
  • 99 Subscriptions
Top Solution Authors
Top Liked Authors
Labels