This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4119 Views
  • 0 replies
  • 0 Likes

Palo Alto and CIsco Jabber isssues with Global Protect

Hi, We are having issues with cisco jabber using Global Protect.Clients reported that the jabber status (online/offline) is wrong so they have issue calling. The rule VPN-SSL zone to inside is any/any, so no restriction. Looking in pcap we can not see any drop.I have no evidence in the FW but the common point is the Palo with VPN GP.Have you rep...

BigPalo by L4 Transporter
  • 3441 Views
  • 1 replies
  • 0 Likes

Some users do not appear in the url filtering monitor logs.

Hello community I have a PA-220 firewall with version 8.1.16, the error that is occurring is as follows I have several users in a policy which has url filtering, some users are not shown in the logs of url filtering. When I filter users that are in the url filtering policy, some of them show up in the logs and others do not show anything even th...

URL_filtering.png

IPSec Crypto / browsing issue?

Hi All, I working on some firewalls and saw the GlobalProtect IPSec crypto profile but was using aes-128-cbc, I decided to change it to use aes-128-gcm, to take advantages of gcm benefits. Since that change, I have a user who is experiencing issues. They can connect to GP and have no problems accessing internal resources but they are unable to b...

Digital Events are Coming to LIVEcommunity!

Hi everyone, Yesterday we announced the launch of digital events on LIVEcommunity and introduced our first Ask Me Anything (AMA) event — a Q&A session focused on a specific topic where you can connect with experts! The first AMA event is taking place on April 8 at 10AM PDT, all about professional services and how they can help you in di...

jdelio by L7 Applicator
  • 4329 Views
  • 3 replies
  • 5 Likes

User-id Credential Check TEST?

I have everything configured following the documents I found online. I see from the user-id logs the BF is being exchanged with the FW. My users login using pre-win2000 id's. (LNameFI) Verified by monitoring the id's and IP's in User-id app. So now to try testing. Most sites today require a long ID. Usually your email address. I went to a...

DeadBeef by L0 Member
  • 2815 Views
  • 1 replies
  • 0 Likes

Corporate Credential Submissions

Hi All, I have a question about Corporate Credential Submissions functionality, specifically when using Domain Credential Filter. To confirm, does this method use the full AD UPN and password to match? E.g - Let's say my logon name is 'josh.test' and full UPN is 'josh.test@test.com'. Would Domain Credential Filter match both of these with a vali...

Josh990 by L2 Linker
  • 2121 Views
  • 1 replies
  • 0 Likes

Resolved! Globalprotect: Externel On Demand logon with RADIUS, internal SSO

Hi Community, my customer wants to use Globalprotect for on demand login with a MFA radius server.Everything fine - configured is and it works. Now, we want to use Globalprotect as an internal UserID source.So every GP-Client needs to do Userlogon SSO when connected to internal network (should be completely transparent to the users). But only on...

Chacko42 by L4 Transporter
  • 5983 Views
  • 8 replies
  • 0 Likes

GP 5.2.5 PANGPS crash when waking from ModernStandby

We have been seeing this over the last few weeks. Here is the sequence of events when the crash takes place. (EDIT) Crash occurred at 13:01:24 , which is after this line: (P6096-T15724)Info ( 374): 03/29/21 13:01:23:463 tunnel to 63.240.97.1 connected This happens only after the computer wakes from modern standby. And it doesn't happen every t...

Resolved! Random Private MAC address

I use DHCP reservations to ensure the devices on my network get the same IP address every time. I have security and routing policies that depend on known IP addresses. Recently Apple, I’m sure other will follow, enabled a feature that by default that randomly selects a private MAC address when they lease an IP address. I realize that you can dis...

rmcrae by L3 Networker
  • 3692 Views
  • 1 replies
  • 0 Likes

Resolved! GlobalProtect: always-on pre-logon external and not logon internal is not working

I am trying to setup GP as always-on (pre-logon) when the user is external and not connect while internal. My understanding was that the internal host detection setting was suppose to let the client know that it was internal and not try to connect to the external gateway. That does not seem to work, or most likely I just did not understand the w...

Resolved! GlobalProtect slowness

Is anyone that is using GlobalProtect seeing significant performance issues? We are running PAN OS 5.0.10 and GP 1.2.8. We are also doing full tunnel. When I do a speed test from home without GP enabled I get 20 Mbps down and 5 Mbps up. With GP enabled I get 5 Mbps down and 0.25 Mbps down. Now I understand that I should be seeing some impac...

legeremt by L0 Member
  • 9974 Views
  • 8 replies
  • 0 Likes

Minemeld support on either Ubuntu 18.04 or 20.04?

Does anyone know when Minemeld may be able to run on either Ubuntu 18.04 or 20.04? It installs fine on 16.04, but with support for Ubuntu 16.04 ending on April 30, 2021, I would like to install it on one of the later releases will will at least have a couple more years of support and security updates. While it installs on 18.04, and I can get ...

RichardB by L1 Bithead
  • 3390 Views
  • 4 replies
  • 0 Likes

SSO fails by first time login

Hi All, GlobalProtect pre-logon is configured. The computers connect pre-logon just fine. However, if this is the first time a user is logging in, or someone else logged in last and they had to change back to their username, GlobalProtect prompts the user for credentials after windows login, even though everything is configured for SSO. If they ...

  • 24335 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks