General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

GlobalProtect Android version 13 issue

Global Protect login continues to fail on Version 13 Android.

 

It seems to have been caused by Android security enhancement issues.
 
created it with SHA 384 but I can't log in.
 
"The network connection is unreachable or the portal is unresponsive,
...

qmso475_0-1701243435266.png
qmso475_1-1701243590189.png
qmso475_2-1701244110530.png
qmso475 by L3 Networker
  • 954 Views
  • 4 replies
  • 0 Likes

Block Connections from Different Region

Hi All,

We have a requirement to setup a Block rule for the users connecting to GlobalProtect from different countries. We need to allow users only from one particular region to connect to GlobalProtect.

 

In Prisma we can use the Specific Tag and Sp

...

Resolved! PA-200 Stuck in Maintenance Mode, attempting factory reset

I'm attempting to factory reset a PA 200 that was on the spares shelf.

 

The unit appears to be stuck in Miantenance mode, every reboot command boots in maintenance mode.

 

I attempted to execute the factory reset and the message I get is:

"No curren

...

Slow speed with GlobalProtect

Hi to all,

We are trying to understand why the download speed is really slow vía GP.

We stablish a VPN GP with IPsec without Split Tunneling. We acces to some public web to download a test file. Im downloading a 1G file.

If we download without GP but th...

nanukanu by L2 Linker
  • 44125 Views
  • 16 replies
  • 0 Likes

Failed to establish GRPC connection to AceMlc2 service: failed to start grpc connection with address ace.eu.hawkeye.services-edge.paloaltonetworks.com

Getting below alert from the hardware firewall.

 

"Failed to establish GRPC connection to AceMlc2 service: failed to start grpc connection with address ace.eu.hawkeye.services-edge.paloaltonetworks.com:443"

 

Followed the below document but no luck.

...

CyberEye by L3 Networker
  • 890 Views
  • 3 replies
  • 0 Likes

Resolved! Remove Device Certificate

We would like to remove the device certificate from a couple of our firewalls.  We don't use or need the device certificates at this time and would prefer them not be installed.

 

I tried to do a factory reset and the certificate automatically downlo

...

jwill2 by L1 Bithead
  • 442 Views
  • 3 replies
  • 0 Likes

Extending VLAN through IPSEC + GRE

I am trying to extend the VLAN from main site to branch site using a combination of GRE and IPSEC.

 

Below is a quick representation of the architecture, the objective is to enable remote communications between the main and the branch sites for all d

...

OELHANCHI_0-1714232289883.png

VM-50 discontinued?

Hi,

 

We have a VM50 firewall in our business for 3yrs and have been told that the VM-50 is no longer available? As such, we need to get a VM-100 licence. Are there any other options? - since the cost is double?

 

Thanks

cluster

Hello, Can you form a HA cluster with a PA-3020 and PA-3060? Or do models have to be identical?

Joeful by L0 Member
  • 184 Views
  • 1 replies
  • 0 Likes

Globalprotect-Need LDAP and RADIUS auth(MFA)

I am currently using Digipass Vasco OTP as RADIUS for Globalprotect. Users just put in their LDAP username and the OTP to login.

I'm looking to add another factor i.e LDAP username and password before they get prompted for RADIUS token. Pls help me co

...

App-ID confusion and blocking spotify

Hello, 

I'm trying to work on a request to totally block Spotify on our network for 1 host (could be more in the future) and I thought App-ID would be the best option for this but since it depends on SSL and web browsing it's dropping all traffic when

...

cruz77 by L1 Bithead
  • 2818 Views
  • 5 replies
  • 0 Likes
  • 24298 Posts
  • 99 Subscriptions
Top Solution Authors
Top Liked Authors
Labels