General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

what is the processor named webapp3?

HiMgmt cpu was reached to 100% during a hour.i was look into a reason that why cpu usage hit a peak.processor named webapp3 was high usage during cpu reached to 100%. (it was almost 95%)i don't know what is the role of this processor.Please let me know someone who know this role of processor.Thanks,Eugene.

willstech by L3 Networker
  • 4662 Views
  • 6 replies
  • 0 Likes

Portal Error when using GlobalConnect client

We have 1 PA-500 which we recently upgraded from 4.0.5 to 4.1.4.On 4.0.5 we used the NetConnect client for several users without any problem.Now we upgraded to 4.1.4 we need to use the GlobalConnect client.So I downloaded and activated the 1.1.4 client.I thought it should offer an upgrade when you connect with an old client, so I started my NetC...

Missmatch in App/Threat Version HA

My second PA says it use 302-1357.But It acctually says it have 304-1366:Both my PA's say they have 304-1366 installed under "Device > Dynamic Updates"But on my dashboard they say its missmatch...Any one know what i should do? Everything works fine but it dosen't look that fine..

Resolved! Log Details not populating...

PAN OS 4.1.1. Looking in my traffic logs and then clicking on the magnifying glass to examine the details of an entry. The log details window opens and spins and spins and spins... never populates. No change no matter which traffic entry I click on.Any thoughts? I've rebooted the device as the simple troubleshooting step with no improvement.I...

cenders by L3 Networker
  • 8023 Views
  • 10 replies
  • 0 Likes

User-ID Agent

Is it possible to use the User-ID Agent to scan the logs from a machine configured as an Event Collector. I have an event log called "Forwarded Events" which holds centralised logon/logoff events for another tool. It would be good to leverage that information for Palo too.RegardsGary

Server profile KERBEROS with group mapping

Hi guys.I have a doubt .When i configure my Kerberos on my server profile , i can`t make group mapping settings to catch my users from AD and make a Policy for them ?My PAN OS is 4.1.0 In other versions it`s possible to do with Kerberos OR i need to configure LDAP Server profile ?Best Regards.Thiago Lima.

Thiago by L3 Networker
  • 2424 Views
  • 1 replies
  • 0 Likes

Multiple syslog servers under one profile

A client has set up two syslog servers as destinations on one syslog server profile, but only one of the servers is receiving data. Is that expected behavior on 4.1.3? The hope was to be able to send syslog traffic to both devices.ThanksJames

jcostello by L4 Transporter
  • 5463 Views
  • 3 replies
  • 0 Likes

Resolved! Static IP Address to User Mapping

Is there any way to statically assign a Username (ID) to an IP address on the PA? I have a very small install with no AD. There are two computers that I would like to run User Activity Reports on, but they can only be run against a User and not against an IP Address. Captive portal seems like too much of a pain to require the users to log in ...

njoyzrd by L1 Bithead
  • 3793 Views
  • 3 replies
  • 0 Likes

https://www.google.com does not work on 4.0.10

there seems to be a problem with ssl connect from PA to google.The browsers shows a timeout. It takes a couple of minutes, until i get an entry in my logfile. The logfile shows an "unknown application" first (which is denied in my company by default) and thereafter pretendedly a working "ssl" and "web-browsing" application, as you can see in the...

mhuels by L3 Networker
  • 3746 Views
  • 3 replies
  • 0 Likes

PAN AGENT CAPACITY BY VSYS

hello,I have seen the following information for pan agent capacityCapacityUser Identification capacity limits:• The PA-4000 series can support up to 64,000 concurrent users; the PA-2000 series cansupport up to 47,000 concurrent users.• Up to 640 groups can be used in policies for each virtual system (vsys)• Each UIA can connect to up to 10 Domai...

alle by L3 Networker
  • 2871 Views
  • 3 replies
  • 0 Likes

Blocking Google Drive ?

Hi,We are relatively new to Palo Alto appliances, but are wondering if we can block Google Drive already?We did some searching in the application objects database + on this forum, but we cannot find it for now...Is google drive available yet for scanning/filtering?Or how long does it normally take for P.A. for this app to be added to the availab...

Daily packet capture limit

Hello everybody,can somebody tell me, what this log entry means.And is it possible to change this limit?Apr 8 19:24:2619:24:26,,SYSTEM,general,0,2011/04/0819:24:26,,general,,0,0,general,high,"Daily packet capture limit (directory threat/20110408\, limit 131072) has been reached."ReagrdsChristian

indevis by L2 Linker
  • 4554 Views
  • 2 replies
  • 0 Likes

question about part of CPU log in mp-mointor.log.

Hi. I've generated a Tech support file on the PAN device and then look into mp-moniotor log.I can't understand the part of log during look into the mp-monitor. question is below.1. What command have a print like below on the screen? i know one of command to see the mgmt resource like below. "show system resource". but it shows different...

willstech by L3 Networker
  • 2462 Views
  • 1 replies
  • 0 Likes

idle timeout 0 not working?

We have a couple of machines that are set to display the PANOS web UI Dashboard so that we can see the current Risk Factor and System Resources, etc... so we set the Authentication Settings Idle Timeout to 0 so that the sessions do not time out, as indicated by the help. However, they still do time out. Is there something else we need to change...

Mack by L2 Linker
  • 6230 Views
  • 7 replies
  • 0 Likes
  • 24402 Posts
  • 123 Subscriptions
Top Solution Authors
Labels