OpenVPN support on Palo gateways?
Palo gateways have supported ipsec site to site vpn for a long time. Do they also support acting as an OpenVPN gateway? I dont mean openvpn passthrough to a backend. I mean actually being the Openvpn endpoint.
Palo gateways have supported ipsec site to site vpn for a long time. Do they also support acting as an OpenVPN gateway? I dont mean openvpn passthrough to a backend. I mean actually being the Openvpn endpoint.
Hi, i found a PA 200 in the trash, it works fine, is it viable to use it as a firewall. I don't have access to any support at all. Not even a os update of some kind. And is there any way i can get said update. Have a great day.
Is there a way to "revert" via cli? I don't mean config changes either, I mean like the following places: 1. Network > Interfaces > Ethernet1/1 2. Device > Setup > Management I'd like to script out reverting these.
I don't think there is, but just double checking. Is there anyway via GUI or CLI to shutdown a port on the Palo? There are times when I would like to do some configuration, such as sub-interfaces and so on to an aggregate group that is plugged into the core switches. At times this can cause an issue so I would like to be able to shut the por...
Hello, We cannot export the metadata, when you are in the FW, in the Global protect section, it does not allow you to enter the IP or the Vsys. When I select in the Authentication Profile, the profile from which I want to export the data, and I select the Globalprotect Service, it does not automatically show the VSYS,and select the Globalprote...
Hello Palo Alto Community , I have problem in communcating betwen Fire wall and Domain Controller (ldap).Status show me Acces Denied on Server Monitoring,i try change user roles to fix it , but again show me the same status Acces Denied . Please help me !
I've had a Palo Alto case open for almost 9 months now that appears to have devolved into a finger pointing match between Apple and PAN and I'm going to have to make some decisions here, I don't know if anyone else uses that functionality or not. Apple re-wrote the VPN APIs around IOS version 12.1 where they only allow "Connect on demand" (AKA ...
Hello, I've seen on my Palo Alto 3220 system logs dashboard applet a ton of Access Denied messages regarding our domain controllers. However if I go over to Device > User Identification, all 4 of our DC's there are listed as connected in green. All 4 are Microsoft Active Directory, WinRM-HTTP. If they are green and connected there, why am ...
I configured the Base name and bind name properly but we facing the following error in putty “pan_user_id_win_get_error_status(pan_user_id_win.c:1130): WMIC message from server AD-Monitor: NTSTATUS: NT_STATUS_ACCESS_DENIED - Access denied” and “pan_user_id_win_wmic_log_query(pan_user_id_win.c:1439): log query for AD-Monitor failed: NTSTATUS: NT...
Got an old firewall, How much is the risk to upgrade from PANOS 6.1 to 9.1 now??? Any concern?
I have 2 security rules, one needs to run office hours and one needs to run non-office hours. If the tcp session remains (not closed) can the same traffic use different security rules based on time ? or because the tcp session remains and it will stick with the current rule and never use the other security rule even the time changes?
Microsoft makes extensive use of the name aka.ms to map to thousands of IPs in its Akamai content delivery network. I find that i have issues trying to use FQDN host object aka.ms in a firewall rule. Many times traffic doesnt hit the rule. I suspect its because Palo's periodic update of its IP table for aka.ms misses some of the addresses in use...
We are observing a high amound of session_end_reason eq 'n/a' during peak hours and results session end . any similar experiance ?
Install defender failing sudo ./twistcli defender install standalone host-linux \--address https://<CONSOLE> \--user <USER> Ref : https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin-compute/install/install_defender/install_host_defender Error: ./twistcli: line 1: syntax error near unexpected token `<'./tw...
I upgraded to PAN-OS 10.0 yesterday and encountered an unusual bug when pushing out a config to my 3220. I opened a case, but figured I would post it here as well, but don't expect screenshots. Symptom: After the Panorama upgrade a commit to the 3220 was giving the following error: Need to config WMI account and password for querying Microsoft ...
| Subject | Likes |
|---|---|
| 4 Likes | |
| 3 Likes | |
| 2 Likes | |
| 2 Likes | |
| 1 Like |
| User | Likes Count |
|---|---|
| 7 | |
| 5 | |
| 3 | |
| 3 | |
| 3 |

