General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Windows radius with certificate config

Hi there,

 

I am testing Radius configuration for our admin accounts using windows NPS over PEAP-MSCHAPv2. I have our local CA cert in the cert profile and configured all the required params like vendor specifi attributes,etc. When I run a test authent

...

Jamesy by L2 Linker
  • 2620 Views
  • 2 replies
  • 0 Likes

Maze Ransomeware Coverage

Hi Team,

 

Please let us know the coverage against for Ransomware-Maze under threat in our Palo Alto IPS.

 

Best Regards,

Sahul Hameed

SahulH by L3 Networker
  • 4608 Views
  • 7 replies
  • 0 Likes

CAPTIVE PORTAL TIME-OUT

SETUP: PALO ALTO connected to ACTIVE DIRECTORY for groups
CAPTIVE PORTAL ACTIVATED 
idle time-out 500minutes
timer: 600minutes

CLI> show user ip-user-mapping ip x.x.x.x

SCENARIO 1: 
user log in to PC > mmp1234
CLI> show user ip-user-mapping ip 1.2.3.4.
Ip ad

...

Traffic-Log refreshs is broken when using long filters

Hi Community,

 

I often have the problem, that the traffic log view is refreshing automatically when using long queries.
I have the auto-update set to manual but after seeing the first filtered log entries, the whole log-area refreshes - very annoying.

 

...

Chacko42 by L4 Transporter
  • 3073 Views
  • 8 replies
  • 0 Likes

Resolved! NAT RULE - IPsec VPN

Hello all,

I am implementing an IPsec VPN and I have to NAT the source IP address, but I am very confused with the bidirectional source NAT,

Lets say my local IP=192.168.1.1 (natted to 1.1.1.1), remote IP in the other side of the VPN= 10.10.10.1

For exa

...

joseglez by L1 Bithead
  • 6096 Views
  • 4 replies
  • 0 Likes

PA-5050 8.1.11 Inter Vsys traffic

Hi all,

 

We got a Palo Alto 5050 active/passive HA configuration with two vsys with a lot of inter-vsys traffic.

Our DP1 is running at 100% during working hours.

 

I am convinced that the problem is that inter-vsys traffic can't be offloaded to hardware.

...

GlobalProtect linux

I'm trying to get the linux client to always connect.

Manually running a shell script to check if globalprotect is running and then connecting again works.

But if I run this same script with @reboot from crontab -e it never connects, until I actually

...

yuyugoqo by L0 Member
  • 2015 Views
  • 3 replies
  • 0 Likes

adding zone and subinterfaces

Hello 

 

I have panorama 9.0.4 and palo alto fw 8.1.7

 

we are not using templates

 

I have to create 6 zone and subinterfaces . So do i need to create them locally on the firewall ?

 

Will it get sync to panorama automatically ? or do i have to do something

...

Globalprotect-Need LDAP and RADIUS auth(MFA)

I am currently using Digipass Vasco OTP as RADIUS for Globalprotect. Users just put in their LDAP username and the OTP to login.

I'm looking to add another factor i.e LDAP username and password before they get prompted for RADIUS token. Pls help me co

...

Resolved! Block email attachment from specific domain

Hello experts,

 

Is there any way in Palo Alto to block email attachments coming from specific domain?

Lets say i want to block all email attachments which are coming from *@xyz.com. Is it possible?

Vikashh by L2 Linker
  • 4017 Views
  • 5 replies
  • 0 Likes
Top Solution Authors
Top Liked Authors