General Topics

Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 709 Views
  • 0 replies
  • 0 Likes

LDAP Error - AD Integration

Hi

has anyone encountered the following error.

When i type the following command

enayat@fw-tec1-pa2050>show user ldap-server state

LDAP server HO_LDAP
Bind DN : zajil\fwadmin
Base :  dc=zajil,dc=com
Group Filter: (None)
User Filter: (None)
Servers :  configur
...

User-ID agent and 300,000 LDAP UID's

I need to run user Identification of a Sun-One LDAP server, that has two main classes for users, totalling 300,000 users, in one geographic location.

What is the maximum number of entries a user-id agent can handle/cache etc?

Would the best configurati

...

KatanaNZ by L3 Networker
  • 3633 Views
  • 6 replies
  • 0 Likes

ldap through PA failing randomly

we're having a problem with logging into servers in our network that connect to an ldap server that is behind the Palo Alto firewall. The PA recognizes the sessions as ssl going over 636/tcp. Our rules allow these connections, and most of the time wh

...

bowings by L1 Bithead
  • 4367 Views
  • 5 replies
  • 0 Likes

Resolved! Avoiding Certificate Error With Captive Portal

I was able to get Captive Portal setup successfully, but is there a way to prevent IE from complaining about a certificate error to get to the captive portal?  I probably won't be able to use it because of this error, it would be too confusing to som

...

Two Virtual Routers and NATing

Hello,

We currently utilize dual ISP's as part of our business continuity plan and it looks like we have most of our PBR's setup appropriately. I am trying to figure out a way to create a static NAT entry on ISP2 via VRF that will go to the Core Netwo

...

jschelert by Not applicable
  • 2535 Views
  • 2 replies
  • 0 Likes

Exchange 2010 - Applications Required?

We have a Palo Alto in front of an Exchange 2010 CAS server.

The Palo Alto is in a back-to-back config with a "dumb" firewall in front of it that only allows port 443 inbound.

The Palo Alto has the SSL cert from the Exchange box on it, so does SSL insp

...

HA interfaces link fail questions

According to manual, active-standby cluster..

• If one HA interface fails, synchronization continues over the remaining interface. If the state synchronization connection is lost, then no state synchronization occurs. If the configuration synchronizat

...

raymondl by Not applicable
  • 2650 Views
  • 2 replies
  • 0 Likes

traffic between management IP addresses in HA ???

hello guys,

i have a silly question for today. am testing HA in my lab ....... i have noticed on PAN dashboards that it shows the management IP address of it's HA partner!! is there any traffic concerning ''  HA  '' that moves between the managements

...

Passive Logging

Hi - we are running 2x PA4050 in version 4.0.4. We are sending all logs to Panorama. We have them in active-passive mode. I see logs for both the policy and alarms (eg an etherchannel leg is lost - I get  port & HA events etc) from the active. Howeve

...

fmd by L3 Networker
  • 2338 Views
  • 2 replies
  • 0 Likes

Resolved! vwire with "zoned" vlans

I have a design type question I received from a customer today that I couldn't quite answer. They would like to position the PAN inline on a trunked interface in a vwire type configuration. But based on the traffic tagging they would like to create s

...

  • 23972 Posts
  • 114 Subscriptions
Top Liked Authors
Labels