This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4222 Views
  • 0 replies
  • 0 Likes

Captive Portal with Session Cookie - Synchronization problem

Hi, I have a pair of PA 2050 in cluster and the synchronization was working fine until I try to enable the option Session Cookie in the Captive Portal configuration. The only way I have find to re-synchronize my cluster is to disable the Session Cookie option, restart management server, synchronize secondary on the primary and vice versa. ...

u7377 by Not applicable
  • 2564 Views
  • 1 replies
  • 0 Likes

Global Protect - Source User 127.0.0.1

Hi,I'm doing a configuration with global protect that working fine on my pc (laptop with Win 7). But when the real users doing the same with their pc's (Desktop with Win Xp) it dosent work, Global protect give the good message to the user but doesn't give access. When I look into the HIP Match monitor I see that the source users IP address are r...

u7377 by Not applicable
  • 2911 Views
  • 1 replies
  • 0 Likes

Global Protect Setup using an external CA

Can anyone help with setting up GP to use certificates from an external CA ? Ive managed to get it working using an internal CA & signing the server & client certificates defined in the portal against that - but Im struggling to get it working when I use an external CA to generate the certificates; where Im trying to get too is that we p...

SimmSimm by L2 Linker
  • 2337 Views
  • 1 replies
  • 0 Likes

Resolved! About Active-Active on Vwire

Hello guys.I tested for now about active-active pair on vwire mode that is simplest deployment I know. but I could not find that more information for active-active HA pair on vwire.I wonder about that A-A vwire needs ACTIVE-ACTIVE configuration such as HA3 packet forwarding, Session owner selection, Session Setup. I guess that are not needed but...

ttongfly by L3 Networker
  • 11377 Views
  • 5 replies
  • 1 Likes

comscore

Has anyone had any experience with this Comscore app this article is speaking of? http://www.cleveland.com/business/index.ssf/2011/08/privacy_lawsuit_targets_comsco.html If anyone has found it and logged the traffic I would be greatful if you post it so we know what to deny.. I'd rather not install it just to watch the traffic.. Both sites are ...

kazjak by Not applicable
  • 2103 Views
  • 1 replies
  • 0 Likes

CryptoCard Card.

When using the Cryptocard authentication server we have had issues where no radius packets are coming through the PA500 on version 4.0.1. When the packet capture (tcpdump) was run no packets appeared on the interface.....The only way to solve this problem was to upgrade to 4.0.4, the latest release. Magically this worked. I require some sort o...

amansour by L4 Transporter
  • 2410 Views
  • 2 replies
  • 0 Likes

CLI ping and traceroute resolving ip

Hi,In the GUI the PA is resolving ip address by quering the dns server. But with CLI commands like ping and traceroute it doesn't seems to do DNS resolving. I think it should be because there is a CLI command no-resolve.Any ideas why it isn't resolving in the CLI?

LDAP Error - AD Integration

Hihas anyone encountered the following error.When i type the following commandenayat@fw-tec1-pa2050>show user ldap-server stateLDAP server HO_LDAPBind DN : zajil\fwadminBase : dc=zajil,dc=comGroup Filter: (None)User Filter: (None)Servers : configured 1 servers192.168.100.10(389)Last Action Time: 55 seconds ago(took 8367389 seconds)Next Act...

User-ID agent and 300,000 LDAP UID's

I need to run user Identification of a Sun-One LDAP server, that has two main classes for users, totalling 300,000 users, in one geographic location.What is the maximum number of entries a user-id agent can handle/cache etc?Would the best configuration here, be to use multple agents, and hae each agent pull UID's using the object class filter?So...

KatanaNZ by L3 Networker
  • 5763 Views
  • 6 replies
  • 0 Likes

ldap through PA failing randomly

we're having a problem with logging into servers in our network that connect to an ldap server that is behind the Palo Alto firewall. The PA recognizes the sessions as ssl going over 636/tcp. Our rules allow these connections, and most of the time when we try to log in to a server that authenticates with the ldap server behind the firewall it wo...

bowings by L1 Bithead
  • 5705 Views
  • 5 replies
  • 0 Likes

Resolved! Avoiding Certificate Error With Captive Portal

I was able to get Captive Portal setup successfully, but is there a way to prevent IE from complaining about a certificate error to get to the captive portal? I probably won't be able to use it because of this error, it would be too confusing to some of my users.Thanks for any help.

  • 24355 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks