Did you know that you can help your fellow community members by accepting solutions when a reply answers your question Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature
...
What is everyone using for their Port Scan/Host Sweep settings in the Zone Protection profile?
Mine are at...
TCP Port Scan
5 secs
800 events
UDP Port Scan
5 secs
800 events
Host Sweep
2 secs
200 events
...I may have to fine tune it some more to lower the amoun
...
Hi All,
Our domain administrators have two Active Directory user acounts; a standard 'username' for normal day-to-day tasks, and a 'username_a' for administrative work. Occasionally, PA will pick up the '_a' account when checking group access instead
...
I have a customer who has AD and is using the UserAgent sucessfully.
However, many users are not always logged in, or are using corporate hardware, so aren't logged in.
I want to configure Captive Portal for non-logged in users that uses NTLM to authen
...
After installing 10 terminal server agents and 1 PAN-agent on a PA-2050 the appliance cannot connect to any agent.
admin@mi2-pan2> show user pan-agent statistics
Name IP Address Port Vsys State Users Grps IPs
...
I've come across a few websites, when I run the URL in Brightcloud, can contain anywhere from 2 to 5 categories.
When a URL has multiple categories in Brightcloud, which one does Palo Alto Networks choose?
Here is a good example.
www.coffeed.com (coffee
...
I am trying to figure out how to deploy SSL decryption. I have it working in a test environment using an in house CA and by importing the cert. into my browser. As we have Firefox users and can't export the Trusted Root CA with a GPO, I am looking fo
...
What is causing this failed commit:
Failed commit shared->botnet->configuration->http->dynamic-dns unexpected here
I have learned, PAN will only build route based and not policy based IPSec tunnels.
We need encrypted communication between several Windows Server 2008 systems in the outback and a lot of them in the central office. Till now, we build a site-to-site V
...
Hi,
I have a question concerning the User Identification Agent.
Yesterday we had a problem with wrong user identification. The problem is solved in the meanwhile but it would be nice for me to understand how the agent works.
To solve the wrong identi
...
I'm interested in setting up a similar KnowledgePoint at our org. Who provides the KnowledgePoint service?
Thanks
Hi,
I wanted to know what you usually do when you see a Virus detected on the PA.
How do you check that it is not a false positive?
Do you use the packet capture in the case of a virus?
Does the name/id of the Virus help you to find more details
...
We have a pair of 4050s in a HA configuration. I was wondering if there was anyone that has a best practice or advice on setting up the Dynamic update synch. We are looking for the best way to keep the environment up to date through dynamic update w
...
We have purchased eight units (2020s and 4020s) in the past two months and they all shipped with PANOS v3.1.4, no updates of any kind, and an incorrect setting for the URL filering (surfcontrol vs. brightcloud) which requires a full reboot to fix. It
...
Can we control the capability of of application such as yousendit, where we allow downloads but not uploads?
Hi everyone,
when I configure LDAP for authentication,
then I'm getting the groups in the distinguished name (dn) format.
I can choose them in policies and in the authentication profile.
Now my questions,
is the pan-agent then needed for policy authentica
TomYoung
on:
how can i create a PBF rule to send traffic to a http/https proxy?
TomYoung
on:
Confused about QoS on Palo, need some assistance.
TomYoung
on:
Static Port Address Translation question
TomYoung
on:
what is the cli command for checking last failover
reaper
on:
SSL inbound inspection certificate issue
TomYoung
on:
One Global Protect Portal and Two Global Protect Gateways in One Firewall
reaper
on:
password reset for user through support.paloaltonetworks.com
