General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

LDAPS Falling back to LDAP

Our firewalls are configured for LDAPS on port 636 to our Windows DC. We have the require SSL/TLS option checked in the LDAP settings window. The useridd log shows:

 

2022-03-22 14:42:09.136 -0700 connecting to ldap://[dcserver]:636 with StartTLS...
202

...

Device Certificate Issue

Hi Team,

 

We are facing an issue with the device certificate. I have generated that OTP in the CSP portal and imported it into the firewall after I am facing the below issue

 

"Failed to fetch device certificate. Failed to send a request to the CSP serv

...

AhamadullahM_1-1648729460922.png

Resolved! URL Category Any

Is there any body has got URL Category Any?

I check the URL List document and there is no Any category.

Also, I had find a category called "uncategory".

Will Allow/Block List IP addresses will be categoried in "uncategory"?

What's the difference between

...

MineMeld behind proxy server - Using docker

I am trying to use a proxy for MineMeld Internet connectivity, and I have assigned proxy settings to the container instance. For some reason, it is not working and I probably need to especifically set proxy settings in the MineMeld application, but I

...

version 10.2.0 upgrade issue

Dear Support crew,


we have two PAN-3220. Our devices are HA. We received advanced evaluation package licenses for the devices, but my device operating system was 10.0.3 so the advanced licenses are only installed on PANOS 10.2.0.
According to the relea

...

Clientless VPN getting worse with each PANOS ver

Timeline of my struggles:

 

Somewhere between 10.1.0 and 10.1.4 the clientless VPN stopped showing icons for each app not super big deal because the apps still worked but after trying a couple upgrades...

 

10.1.5: brings the icons back! but now the apps

...

hshawn_0-1648251082166.png
hshawn_1-1648251180854.png
hshawn_2-1648251223066.png
hshawn by L4 Transporter
  • 2903 Views
  • 4 replies
  • 1 Likes

Resolved! View debug status

Hi,

I come from Cisco background and getting familiar with Palo Alto firewalls. 

My query is about checking any debug running on the box and how to turn it off. In case of Cisco, show debug will show any active debug(s) and undebug all would turn it of

...

Value from SNMP polling sometimes 0

Hello,

I have small issue with snmp.

 

We're monitoring PA's interfaces via SNMP.

Sometimes values are 0, so it causes 100% of interface usage.

 

Similarly, when I use cmd "show counter rate eth~", sometimes it shows 0.

It happens when I execute cmd before

...

1.png
yhlee1 by L2 Linker
  • 1151 Views
  • 0 replies
  • 0 Likes

enable rules for MS Teams

Hello to everyone! This is my first topic))

Gents, need your help to enable MS Teams for user w/o internet access.

Need for users w/o authentication could start video conference in teams.

 

I added teams.microsoft.com to enabled address, also created MS

...

  • 24194 Posts
  • 100 Subscriptions
Labels