user-identification for VLAN Traffic

Hi Guys,

I am just wondering if any one could help me out on this as I am slightly lost creating and troubleshooting for the following issue:

It has been noticed that not all traffic had a user-id and it seems that any traffic originating from a VLAN

Quarantine functions

I have  a customer who is familiar with ISS Proventias.  This customer is trying to match capabilities of the ISS to PA.   I have answered all his questiosn/ matchups with IPS rule to a Vulnerability Protection policy+ Malware/Spyware policy, but I a

VPN tunnel to Cisco ASA via GUI?

I need to setup a VPN tunnel with a Cisco device which we don't control or have any access to.

The intention is that I can allow a group of IP addresses on our LAN to have access to resources on the other side of the tunnel.

These are the settings that

Inbound NAT Question

Hello-

I am running PA-4050's in an HA oair with s/w version 4.0.7.  I have a "guest-wi-fi" zone and Untrust Zone.  I currently have an outbound NAT rule for the Guest wifi pool (10.250.98.0/24) to the Untrust Zone using the source address of the wifi

PA 2020 Active/Passive Cluster on SFP Ports

Hi,

I have two  2020 Palo-Alto firewalls with serial no.0004C102807 and 0004C102848. I have to configure them in Active /Passive Cluster. As per the design the two PA Firewalls are not in the same location and they are at different locations and Ether

url filtering with groups moved user

I have 2 surfing policies one referencing group1 the other group2

if I move a user from group 1 to group 2 he is still restricted by the group 1 policies

how do I force the panagent to look again and get the list of group to user again

Trying to configure GlobalProtect VPN with user certificates on 4.1.x

Hello-

I currently have a PA-500 running 4.1.2 and am trying to configure a client certificate-based VPN as outlined in this document:

However, that document is for the old NetConnect (pre-4.1.x) VPNs so I've been trying to merge the instructions cont

PA in active-active mode and Cluster ID

Dear all,

we ran into a strange problem tonight.

We are running PA 4.0.8 in active/active because me might encounter asymmetric routing.

We have two A/A clusters in different data centers. Both clusters have the same cluster ID.

The traffic is going only

User-ID Agent 4.1.1-7 Installation Requirements

What are the official installation requirements(HW and SW) for the User Indentification Agent?

Bulk creation of host objects

We need to create a large number host objects (i.e. IP address objects).  Tech support only pointed us to a KP article "Using the XML API" which is Greek to me.  Does anyone have any suggestions/solutions?  I would think that someone would have neede

Trap SNMP for threat

Hi all,

From the mib file named PAN-TRAPS.mib I can see that there are some information about threat objects.

Is there anybody who knows how to use this.

I have tried to generate some threats but no traps were sent to the manager.

Thanks

Bruno

Need assistance creating a custom application

     I have a warehouse management system, and I need to identify the traffic from the WMS client. 

Here is a section of the tcp stream from a packet capture:

V103^46^^~0~~0~~-1^=^002050^get encryption information

V103^45^45736^0^0^^1^1^s^~name~4