Include/Exclude subnetworks for user mapping

Hi,

Just want to know, what is the exact role of include/exclude subnetworks in Palo Alto user mapping & how it will work on back end.

How do I select an asset when filing a support case?

Hi, 

Weird question, but I'm trying to make a support case for a firewall, and I'm on Step 4, where it's asking me to "Please select the asset for which you are filing the case." No matter where I click in the table, there doesn't appear to be any way

commit fail due to BUG/ PAN-172580

can anyone let me know in what release PAN-172580( BUG ID)will be resolved?

Can Panos block URLs based on the URI path?

Hi,

What we are trying to do is block domain.com but allow domain.com/api/something1

I tried this in the lab and I'm thinking nope it can't do it, even with SSL decryption it doesn't work!

Email attachment issue

Hi Team,

We have configured Email alert scheduler to get logs daily and monthly.

We getting daily logs with attachments and not getting monthly logs and attachments. 

Sometimes we getting monthly logs email but attachments are not there.

PANOS 10.0.5

Does anyone use HIP check on the local LAN as a NAC solution?

I understand that a HIP check can be used on the local LAN when the GlobalProtect client connects to the internal gateway.

• How effective is this as a NAC solution for the internal LAN?

• Without 802.1x authentication, does a machine without GP installed

HA Clustering session synchronization

Hello!

I have some question about session synchronization in HA Clustering (geographic cluster). All firewalls in HA clustering use the first rule for traffic that should not match it, this only happens on geoclustered firewalls. Later, the rules are

Block Access to private Gmail but allow corporate

Hi all.

Im looking for a solution to block user access to private gmail accounts but allow a corporate accounts to be used.

I'm aware that there is a solution involing proxy server and X-forwarder.

Is there any other way to do this without dedicated pro

Authentication of Users through Captive portal query

Hi Team,

We had configured captive portal on the firewall recently.

In Authentication policy we had selected source users as any and we are using Active Directory for Authentication.

Also we had configured agentless user-id mapping on the firewall an

Creating subinterfaces on Active Active HA

Hello ,

I have to create 6 Subinterfaces on A/A cluster

So i need 3 IP addresses from each VLAN -  1 for FW1  , 1 for FW2 and 1 as Floating IP

My question is , do i have to go to each firewall separately to configure the respective IP ?

If yes , what