General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

GP saved password removal

GP client was set to save both username and password.

Customer wanted to have this changes to no-longer save the password.

I changed the client config settings to "save username only", but the user is still not asked to enter their credentials.

Do we ne

...

CHKlomp by L2 Linker
  • 1775 Views
  • 0 replies
  • 0 Likes

Firewall not Import to Panorama

 

 Multiple Firewall are configure on Panorama. All the devices are successfully uploaded to Panorama. Now,I am making all the changes through Panorama to firewalls – which are being pushed to the firewall. But for one firewall,If made few changes to

...

Minemeld on AWS cloud

We are planning to install Minemeld on our AWS cloud using the cloud formation templates link provided in the Minemeld portal Homepage. But the  Install Minemeld links are outdated and it is not working. The AWS cloud formation templates are restrict

...

Jeyanth by L0 Member
  • 1863 Views
  • 0 replies
  • 0 Likes

Resolved! LACP not active, negotiation failed. One member is not happy

Hi All,

 

PA-3060, PAN-OS 7.1.17

 

Please see below:

 

 

LACP:

**********************************************************************************
AE group: ae1
Members: Bndl Rx state Mux state Sel state
ethernet1/17 yes Current Tx_Rx Selected
ethernet1/18 no Cur

...

ddd.JPG
myky by L3 Networker
  • 9256 Views
  • 3 replies
  • 0 Likes

DNS Application uses more DP CPU utilization

Hi,

 

We are facing issue with DNS Application, it uses more DP CPU Utilization 60 to 70%.

We have done DNS Application override but no luck.

 

Please find the DNS Session details below.

 

Mem-Pool-Type MaxSz(KB) Threshold MinSz(KB) CurSz(B) Cur.Alloc Total

...

Clear text traffic to DLP

What do you guys do to send clear text or SSL decrypted traffic over to a nDLP for further action?  In my case, the nDLP only support ICAP in order for it to accept traffic from its peering devices. Since PAN doesn't support ICAP at all and I am in s

...

rKarki by L1 Bithead
  • 2127 Views
  • 1 replies
  • 0 Likes

Resolved! cannot find matching phase-2 tunnel for received proxy ID

We have a site to site VPN setup that was allowing one IP. On the ipsec tunnel sec proxy-id allow local (10.1.2.1/32)  which was working just fine.

We had to recently allow two more IP's 10.1.2.20 and 10.1.2.75. I Changed the ipsec tunnel sec proxy-id

...

bino150 by Not applicable
  • 27900 Views
  • 7 replies
  • 1 Likes

Internal Gateway configuration problem

I'm using PA-3220 firewall.

Ethernet 1/1,1/2,1/3,1/4 is connected to main switch, Cisco AP, Internal router and server 10Gb switch.

 

I setup a GlobalProtect internal gateway for using User-ID and used vlan 1 (192.168.1.2) as the gateway and Portal's IP

...

Use Google Apps as User-ID Identity Source

Fellow Engineers -

 

Wondering if there is a way to integrate User-ID with Google Apps, such that a school that has deployed Chromebooks can use the students' existing Google login IDs to identify the users on the Chromebooks.  Does anyone know if this

...

Authentication Sequence not working

Hi All,

 

I have successfully tested Authentication policy using LDAP, MFA (Okta API), SAML and RADIUS (Okta). I am working on the redundancy scenarios wherein if Okta fails, the fallback would be LDAP. I am using RADIUS (Okta) and LDAP in the Authenti

...

Chromebooks user-id ?

Has anyone tried to get a userid authentication from users with Chromebooks?  We are evaluating Chromebooks to be used in a laptop cart setting in our school.  I don't want to fall back to a portal login if there is any way I can get a current user o

...

  • 24188 Posts
  • 101 Subscriptions
This widget could not be displayed.
Top Solution Authors
Top Liked Authors
Labels