user id configuration with radius authentication

How do you configure user id in an domain that uses radius for authentication?

static route not active

Dears,

i create IPsec tunnel and add four subnet to it all subnet work good and see the other side but only one subnet not work when i look for show route found its route not active as attached the last subnet172.16.17.0/24 can any one help me

Regarding access between two sites

Hi Guys,

I need help regarding access to the Web Server.

Firstly, please refer to the image I have attached.

Our company has 2 different sites. Site A has a Web Server with two different Websites hosted (let's say xxx.com and zzz.com) and our employee

Static route path monitoring

After enabling path monitoring, firewall making that path as inactive even though ping is working 

Trouble uploading to tacupload.paloaltonetworks.com with SCP

Hoping someone can help me out. I've been on hold for ever 2 hours now unable to get support  

Support wants me to upload some core files to the TAC Upload server directly from the Palo device, but I can't seem to successfully do it from SCP on my P

Configuring PA-5250 to act as gateway for guest wireless

Hi All,

I'm attempting to configure a 5250 to act as the gateway and DHCP server for my guest wireless. I have a Cisco 9800 WLC directly connected via fiber from Gi0/2 to Eth1/15 on the 5250 over VLAN 825. I then created VLAN 825 on the 5250 as an SV

Agentless User ID based network administration control using Windows AD server for PAN-OS

Hi All,

I am looking for information on if we can use PAN-OS to do user ID based authentication for network administration control. For example, if user are working from home or remote location, getting users authenticated via PA Firewalls by integrat

Is there a limit to the number of objects within a dynamic address group?

I'm working on doing some clean up, and I want to take advantage of dynamic address groups. I have 943 address objects tagged and one dynamic group. 

When I monitor the logs, I see some traffic bypassing my rule and going to rules below. I checked the

URL Filter Security Policy Structure

Hello all. New to PAN, and after reviewing the documentation on URL Filtering, I'm confused on the best practice deployment of the policy structure. Here's what I mean:

Let's say I want to break out the policies into multiple granular policies for cu

session_end_reason eq decrypt-error

I have a high number of sessions, for various webservers and clients, being closed due to decrypt-error. I've attempted to follow the tips from this document, but I'm still not clear on root cause: 

https://live.paloaltonetworks.com/t5/Configuration-A

Query regarding upgrade Path to 8.1.21-h1

I have a PA-500 device running on 8.1.20 currently .

From this version can we jump directly to 8.1.21-h1 Or we need to go via intermediate path ?(8.1.20 >8.1.21>8.1.21-h1)

Also not able to see any Palo Alto reference article about upgrade path , Is it