General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

UserID issue when using RDP via GlobalProtect client

Hello,I have the following issue when using RDP via GlobalProtect client.Situation:PaloAlto 820 with PAN-OS 9.0.9, GloablProtect Client 5.2.4, Windows 2016 Active DirectoryFor remote access we use GlobalProtect with Active Directory accounts (RADIUS authentication to AD)User-ID is used utilizing an UserID agent installed on the DCUser-based poli...

Cyber Elite video interview with Brandon Pry !

Just in case you missed it, our very own Cheryl Rasmussen took some time to interview one of our new Cyber Elite Members, Brandon Pry (@BPry) . Take a moment to check out Cheryl's blog and watch the video interview here: https://live.paloaltonetworks.com/t5/blogs/spotlight-interview-with-bpry/ba-p/373666 Super happy to have you on board in t...

Bpry.jpg
kiwi by Community Team Member
  • 4895 Views
  • 3 replies
  • 5 Likes

Resolved! Device certificates for Panorama-managed devices

Hi,The screen below is from support.paloaltonetworks.com in Assets/Device Certificates.I am trying to get the device certificates for the firewalls that are managed by Panorama, without doing it locally on each firewall.In Panorama, where to I go to get the "text/code provided by your Panorama"???That little blue "I" info button provides no info...

ksalustro_0-1610398739744.png
ksalustro by L3 Networker
  • 5196 Views
  • 2 replies
  • 0 Likes

Resolved! Share User-ID among VSYS

How to best share user-id's or ip/User-mapping between different vsys. I want share user to IP-mapping for users connecting through global protect in separate vsys. But i think usecase can be extended to non GP mappings too.

raji_toor by L4 Transporter
  • 3734 Views
  • 2 replies
  • 0 Likes

Enabling Security Features

Hi ,We have a customer running a cluster of PA 3060 . The goal is to enable security features on at least 30-40 percent of the rules initially . likeURL Filtering AntiVirusAntispywareWildfireVulnerability Assessment Are there any Best practices rules which covers or are generic to most ( if not all) organisations ? SSL Decryption is at later st...

Panorama Variables for HA A/A

Hi everyone!We have an HA A/A deploy, management vía Panorama.Have i any Variable to use for NAT's like Device-ID? to perform macro configurations? Regards

Rojaba by L0 Member
  • 2594 Views
  • 2 replies
  • 0 Likes

Resolved! Filter Output By Category

Hello everyone,I'm working with the Proofpoint EThreat,I'm trying to filter the output feed based on ET category.to archieve this, i'm editing the Output Node stlib with this condition:- actions:- acceptconditions:- confidence > 75- share_level == 'red'- proofpoint_etintelligence_categories == 'VPN'name: category CnC But it doesn't work, prob...

bereon by L0 Member
  • 3140 Views
  • 1 replies
  • 0 Likes

Windows Server 2003 with Agentless User ID

Hi guys, I am setting up agentless user-id with Windows Server 2003 Active Directory. My PAN-OS version is 8.1.16. For the setup, i've followed the guide here:https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClGGCA0 Currently i am being hit by this error message:When I looked up for NT error code 0xc002001b, it shows tha...

codemsittc_0-1610365644609.png
codemsittc_1-1610366073752.png
codemsittc_3-1610366486241.png
codemsittc_2-1610366325671.png

tacacs

Hi, I am using tac_plus linux server . user = larry { login = PAM member = admin } The above will support ? .As I know tacacs using pap or chap . In that case If can I use login = file /etc /password Or PAM in the server side configuration Thanks

lucucote by L0 Member
  • 2050 Views
  • 1 replies
  • 0 Likes

URL Category list with all URLs from SSL Decryption Exclusion

Hi, We are using SSL Decryption and I only allow SSL traffic for specific URL's and categories which are excluded from SSL Decryption.Palo Alto has it's predefined list with SSL Decryption Exclusions (Device > Certificate Management > SSL Decryption Exclusion). From time to time I go to a website and it is blocked because:- It is predefine...

How packets match security policy when when application are incomplete or insufficient

For an example, I have 2 security policies ruleA) source ip: any, source zone: any, destination ip: any, destination zone: any, application: dns, service: any, action allowruleB) source ip: any, source zone: any, destination ip: any, destination zone: any, application: any, service: any, action allow and traffic initiate from client is DNS reque...

Resolved! Webex Room Kit Plus won't register to Webex Cloud thru Palo Alto

I am trying to route traffic out our new PA-820. Internet Access seems to be working as designed with URL filtering applied for our End Users. The issue is with our Webex Video Units ( Room Kit Plus) that register to the Webex Cloud. Once I redirect the traffic from our Cisco ASA to the Palo Alto the Device, Video Endpoints will not register wi...

HPE iLO 5 Not working as GP Clientless VPN App

Hi, I added HPE iLO 5 as a new GP Clientless VPN Application, but it is not working. It seems it calls java, but based on PAN documentation it is supported javascript on Clientless VPN. There is any special thing to do for the javascript part? As you can see the page launches, so Security policies are allowed, but stays here stuck: Has anybo...

banksants_0-1609623112815.png
  • 24400 Posts
  • 123 Subscriptions
Top Solution Authors
Labels