General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Online payment with SSL decryption

Hi

We have SSL decryption enabled on our PA NGFWs but our users have reported issues relating to online payment transactions. We have worked around this by creating a whitelist to bypass decryption but as more sites offer payment facilities online, i

...

Joe_Ng by L1 Bithead
  • 2030 Views
  • 3 replies
  • 0 Likes

Internal Host Detection in GlobalProtect

I am confused with GlobalProtect offical documents.

From GlobalProtect troubleshooting guide:

Internal Host Detection
Internal Host Detection provides hints to GP client to determine quickly if the PC is inside or outside office. If it is not configured

...

linusso by L1 Bithead
  • 21344 Views
  • 4 replies
  • 0 Likes

Userid timeout - renew action

How can a user trigger/renew UserID? Is there some action a user can take on the PC that would trigger UserID renewal.

 

Rebooting is one way and has resolved this couple of times I was reported this issue. I think logoff and Log on should also work. O

...

raji_toor by L4 Transporter
  • 1566 Views
  • 1 replies
  • 0 Likes

Connect to globalprotect vpn using verizon mifi

Can you use a verizon mifi to connect to a globalprotect vpn tunnel? This is so they don't have to install the gp client on their pc. We do not have licensing for gp to be used on phones and to me a mifi is kind of a glorified phone. 

jdprovine by L4 Transporter
  • 3429 Views
  • 4 replies
  • 0 Likes

GP 5.2.5 Error authentication check failed

Hi Team,

 

We have GP 5.2.5 on PAN OS 9.1.7

Connection method is pre logon then on demand.

on GP Gui logs i see error  Error authentication check failed  for  ( eventid eq gateway-hip-check )

 

Even though we do not have hip check enabled on the GP.

Is this

...

Resolved! log at session end?

I have around 500 policies having 'log at session end' enabled and 'log at session start' disabled. I know Palo recommends logging at session end only but I also have a concern that for eg. a malicious file export that lasts for 8 hours and 10gigs go

...

  • 24110 Posts
  • 102 Subscriptions
This widget could not be displayed.
Top Solution Authors
Top Liked Authors
Labels