This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4116 Views
  • 0 replies
  • 0 Likes

Resolved! User-ID Agent XML config and debug

Have successfully installed the UserAgent 4.1.2-2 and it is merrily discovering user authentication events. It is VERY keen to tell me all of this in the UaDebug.log file.How do you reduce the verbosity - there's a "file" somewhere but it's not giving any hints?02/14/12 13:32:59:730[ Info 1642]: ------------Service is being started------------ ...

PA 2020 Active/Passive HA

I am configuring Active/Passive PA 2020 firewall for clustering . I have configured all the parameters for HA including the links(HA1 and HA2). Also the firewall are connected and both the HA interfaces are showing up. I am making One PA Firewall as Active by lowering its device Priority (100)and other as standby (priority 150). I am seeing ,th...

itsecll by L1 Bithead
  • 5265 Views
  • 6 replies
  • 0 Likes

address-group limitation

Hi @all,we’re using a PA-5020 active-passive Firewall-Cluster. We recently noticed that the address-groups are limited to 500 items per group. As we have a list of nearly 1500 items (ip-address and network-addresses) to manage, I want to ask whether there are any performance issues known if we split the items in three or more groups.

Wirecard by Not applicable
  • 2942 Views
  • 2 replies
  • 0 Likes

No username in source-user column of PA-500

Hi AllI have upgraded to PANOS 4.1.2 and user-id-agent 4.1.2-2 in my lab, however when i complete config, and can not select any domain\username in the source user column, but i can sure the connection is ok by command >show user user-id-agent statistics between the unit and user-id-agent.When I downgrade user-id-agent 4.1.2-2 to PanAgent 3....

Third party RADIUS + OTP + Captive Portal

Hi all,We are implementing a Nordic-Edge Server that provides radius and otp services. Once you have enter the user/password credentials in VPN-SSL portal , you get another screen which prompts you for the OTP that is sent by SMS.The auth is OK , but the security policies are based in Active Directory users and groups. In order to solve it we ar...

Resolved! User-ID agent 4.1.0 service logon account permissions.

User-ID agent 3.1.0 ran quite happily on our Domain Controller under a regular domain user account (no group membership apart from the default Domain Users, and I guess "Ran as service" was granted automatically during the installation).The new version of User-ID agent refuses to start the service under that account. No events are loged in Windo...

ST1985 by L1 Bithead
  • 9875 Views
  • 7 replies
  • 0 Likes

Anyone tried REVERSE PROXY on PAN

Hi,I was just wondering if anyone was successful in implementing Reverse Proxy solution on the PAN. As far as i know, Palo Alto does not do Reverse Proxy, but was even told that there was work around for it. Anyone who has been successful in acheiving this, could you please share it out with us.Many thanks in advance.Kind Regards,

Custom reports using different log archive

Hi all, we are trying to create a custom report in which we want to include fields that belongs to, for exemple, the URL log database and wanted to add a field that is contained at the traffic log (bytes, for example). Is it possible?Best regards,

COMIP by L2 Linker
  • 3126 Views
  • 3 replies
  • 0 Likes

Captive Portal Persistence

Greetings,A little background. We have a wireless guest network at multiple facilities. Currently we have Juniper wireless deployment and use their "SmartPass" product for guest authentication. This gives us two things:Provides a splash page that guests have to accept basically saying we have no SLA, not responsible, blah blah blah legal stuf...

mrsold by Not applicable
  • 3240 Views
  • 2 replies
  • 0 Likes

Resolved! Packet Capture/Debug Flow based on an IPSec VPN

HiI am looking for a way doing a packet capture (or Debug Flow) with a filter based on a defined VPN Connection. The only thing I found, was a filter like "debug dataplane packet-diag set filter match ingress-interface tunnel" but with this I am not able to filter just one VPN Connection (eg tunnel.100). It seems, this command doesn't support su...

User_333 by L2 Linker
  • 11662 Views
  • 4 replies
  • 0 Likes

Problem in RESTful API with predefined application

Hi,Trying to retrieve list of predfined application with RESTfull api we recieve an error (Firefox):ML Parsing Error: mismatched tag. Expected: </default>.Location: https://<server>/esp/restapi.esp?key=<key>&type=config&action=get&xpath=/config/predefined/applicationLine Number 45327, Column 11:In version 3.* this w...

Resolved! LAN issue with PA200

Higotta really wierd problem...PA 200configured for DHCPeth1/2 Layer 3 IP address 10.130.8.25/24default route via eth 1/2eth1/2 connected to port on CISCO 2960S switchPC connected to port on same CISCO 2960S switchIP config IP Address. . . . . . . . . . . . : 10.130.8.151Subnet Mask . . . . . . . . . . . : 255.255.255.0Default Gateway . . . . . ...

sue_town by Not applicable
  • 3828 Views
  • 3 replies
  • 0 Likes

como configurar 2 puertos que hagan marcacion pppoe ?

Hola buenos dias, he intentando configurar un puerto para que realize la marcacion pppoe y asi la interface tenga la ip publica de mi provedor de internet.lo he intentado hacer en varias ocaciones , pero no tengo exito. Lo que realize fue configurar un ip estatica del modem pero asi no lo requiero.Y ahora tengo dos enlaces y quiero hacerlos con ...

VPN SSL with LDAP Group fail

Hi team, I have a problem with a OS 3.1.9.If a try to configure VPN SSL with LDAP Groups, always I have the same error: Authentication failed: Invalid username or password.If I change the configuration to LDAP users, athentication and connection are perfect.What is the problem with LDAP Group? realy I need a solution with LDAP.I hope help me som...

ocampos by Not applicable
  • 2033 Views
  • 1 replies
  • 0 Likes

Resolved! DHCP Option 252 WPAD

Seeing since there is no support to push down client proxy settings via GP - does anyone know if we can set up a DHCP scope for SSL VPN clients that has/allows for option 252 WPAD support?ThanksRod

djrodb by L3 Networker
  • 8814 Views
  • 8 replies
  • 0 Likes
  • 24334 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks