General Topics

How often the Palo Alto LDAP group members get sync if membership changes ?

How often the Palo Alto LDAP group members get sync if membership changes?

If I add few more users into the group in LDAP after two weeks, it is configured on PA to block the sites, will it sync with LDAP groups?

RDP slow vía Globalprotect

Good morning, thank you very much for your support.

I have the following problem.

I have a PA-220 equipment, connected to the Internet via a 200mb symmetrical Adsl link.

Scenario:

PanOS 10.0.6

Globalprotect clients 5.2.7 ( win 10 )

PA-220 ---NAT1:1---

Not able to upload the file by google drive

hey team one of my customers has an issue with the firewall that the users are not able to upload files on google drive after adding allow the URL and application type in the security rule we added google base google drive docs to google uploading. a

SIP Register Message Brute Force Attack

Can anyone suggest why this alerts keep triggering on regular basis. Internal connection - destination port is 5060. Observed multiple SYN/FIN connection.

SIP Register Request Attempt(33592)

SIP clients typically use TCP or UDP on port numbers 5060 or

PA500 upgrade to PA460

Hi Team,

I need to upgrade my PA500 to new box PA460. PANOS software matrix says there is no way you can upgrade PA500 to any version newer than 8.1 nor you can downgrade PA460 to anything older than 10.1 which makes the process a bit tricky for me.

Syslog server profile configuration for wildfire 500

Please provide steps for how to configure Syslog server ip in wildfire 500 through cli mode. Because we have hardware of waf500 and access of cli mode currently. 

Retention showing 0 days for hourly , daily and weekly summary logs

At A location  PA VM500  firewall summary logs not showing for traffic , threat and URL logs. Retention period is showing for 0 days.

We haven't made any changes in log quota. Same setting is there at B location vm500 firewall and in that firewall ret

Palo Alto interface does not ping after a certain period of time

We are running NMS.

However, the operation method does not work internally and goes out to the VPN public IP.

trust -> untrust -> isp(internet outside) -> VPN untrust

Communication is done in the same way as above. In NMS, the status of VPN untrust is m

Way to fix a half activated VM-Series?

Fresh install of a VM-Series, 9.0.11.  I didn't manually allocate RAM, so it was running with 5.6G when I activated - get the message, increase RAM then activate again.  Shutdown, increase RAM to 10GB. Boot - firewall is now in a weird state where al

S2S VPN Phase1 down

We have deployed PA-VM in Azure. We are setting up S2S VPN with Cisco Router. PA-VM is the initiator.

All the P1 and P2 param are matching but Status for both are showing red.

System logs show:

 'IKE phase-1 negotiation is failed. Couldn\'t find configu

Customer Support Portal Account

Hello Everybody.

I want to know if can i two account in two different Customer Support Portals with same company mail?

Thanks!

BGP filter route only for /32 prefix

Hi Experts,

My question is, my Cisco switches advertise host routes to FW from many VLANs/VRFs together with other network routes, we want the firewall Not to accept the any routes with subnet mask /32 but accept anything else, can you help to see if

Agentless User-ID agent permissions

We are attempting to use the agentless User-ID setup with the understanding that the service account needed to be a member of the following AD groups: Distributed COM Users, Event Log Readers, and Server Operators. However, after reading the followin

Dynamic Address Group with Azure monitoring

https://docs.paloaltonetworks.com/vm-series/9-1/vm-series-deployment/set-up-the-vm-series-firewall-on-azure/vm-monitoring-on-azure/set-up-vm-monitoring-on-azure.html

In the end article tells to create DAG but how do I add VM's automatically to this g

System log message Clearing snmpd.log due to log overflow

I am wondering why I see the log 'Clearing snmpd.log due to log overflow' on several of my firewalls. Out of the ~20 firewalls I manage 2 or 3 firewalls log this message on occasion. The other firewalls never log this message.

I am trying to understa