LDAP-S Authentification failed (LDAP-S with TLS1 ?)

Hi,

while using LDAP-S (port 636) on a PAN Firewall for a connection to an active directory on a Windows Server 2019 I have the problem that the Firewall just can't connect.

If I try the "test" command for testing the authentication profile I get thi

maximum length of TACACS User ID

We use TACACS+ server for admin authentication.

Is there a limit on the length of an ID?  I have one that is 40 characters (we use email IDs).

Getting an auth-success log message for this user, but then a Critical "create-admin-acct-error" message:

F

PRTG monitoring thresholds

Hello, i am implementing PRTG and monitoring my PAs. We can monitor CPU, Disk free and Memory. My question is which should be the thresholds and how to react?

Authentication Policy for non-HTTP traffic - Remote Access users.

Is possible to use Authentication Policies for non-HTTP traffic (using the Global Protect client), and specifying LDAP authentication? All examples I have found are related to MFA, and I would like to know if it is possible to authenticate RA users u

interest in a MineMeld ESXi 6.5 OVA?

I have a working OVA of MineMeld installed on Ubuntu 18.04 server. One of the guys here where I work put in a ton of hours getting it installed and working. Is anyone interested in getting a copy.

If so does anyone know a good repository to put it?

How do I run multiple commands?

How do I run these commands with one command/automation?? (instead of one by one manually)

!taskComplete id=7
!taskComplete id=33 input=no
!taskComplete id=138 input=Spam
!taskComplete id=237 input=Spam
/incident_set phishingcategory=Spam incidentcategor

Device State from Multiple Devices

I have a question and I am hoping I am not the first person to have asked it, and that there is a script out there somewhere.

I am trying to get the device state from multiple firewalls and need to somehow put it in a script.   I do leverage the sc

PA220 and IoT Security Policy Recommendations

Hello everyone.

I am trying to get the policy recommendations from IoT Security to work.

After following the detailed onboarding instructions, everything seems to be properly set-up on both the firewall and the IoT Security portal.

All licenses are act

Iinux smart cards supported for globalprotect 2fa authentication?

Dear community!

I have a quick question:

Dos globalprotect support 2fa authentication with Linux smart cards?

Thank you!

Alert on Policy Rule Modification

Hello Everybody,

I would like to know if there is a possibility to be alerted in case of modification of a rule.
For example: if a rule is modified, an email is automatically sent to a specific person

Thank you

Valentino

GWLB AWS - HA what to do if both appliances go down?

We are deploying two PA on AWS using GWLB and we are wondering what would happen if for any reason both aplliances go down , since all traffic (inbound , outbound and inter-vpc) is going through the FWs , do you know a quick bypass or fail-open solut

management interface & service route configuration

Hello
I am new in palo alto, I did a self-training
I would like to have more details about the relation between the management interface and the service route configuration
I have a little bit stuck on when to use the route configuration service
I think

Azure Tag in Security policies

Hi There,

How we could create dynamic security policies from Azure tag. In the Azure Market place I do see this statement.
"policies that are dynamically updated based on Azure tags assigned to workloads, allowing you to reduce the attack surface are

Session end reason: tcp-fin and aged-out?

Hi all,

I am using PA-850. I am having the problem. sometimes the internet is blocked. and I see in the monitor, the sesson end is: tcp-fin and aged-out. but after refresh some times, then I can access to internet.

Please help to advise how to fix it