General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! Internet Outage Occurs After Migration - All Packets Aging-out

Hi, I am working on a Palo Alto Networks Firewall migration project. I exported and imported the configuration with a few errors that I fixed and when migrating from the old to the new PA-3220 firewalls. All internal communications wtih LDAP and other servers are working and the routing protocols are coming up internally and externally. I can al...

Authentication failed from AD

Hello,I have integrated the AD with Paloalto , it is working fine and i can see the IP user mapping is correct, once i tested authentication profileI got the below error:- Once i tested the authentication by local profile it is working fine. Can anyone help me on this to reolve this issue.

Jafar_Hussain_0-1596457062859.png
Jafar_Hussain_1-1596457142802.png

Administrators - AD users

Hello, Community. Do you know if is there a way to change the "level admin" of an AD's user? In Device > Administrators I can't see the firewall's admins. Just the "admin" account. If I try to create a new account, I can't do it. The LDAP users can manage the firewall but they are not "Super Users". Currently, we have 2 firewalls in HA, conn...

iscott by L2 Linker
  • 3679 Views
  • 3 replies
  • 0 Likes

Cannot install PAN GP VNIC driver

I have tried for over a month to install Global Protect and have it work, and can't begin to count on how many installs/uninstalls of Global Protect I have done. Many people have tried to offer suggestions and it seems like the root cause is the PAN GP VNIC driver cannot be installed. When I try to install it manually via the inf, I get an Acces...

dcwebman by L1 Bithead
  • 11522 Views
  • 5 replies
  • 1 Likes

How to block skype ?

I have tried https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClKTCA0https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClQWCA0but still send/receive message via skype I don't implement ssl decryption PA-850Software Version:9.1.3-h1Applocation:8300-6225(07/31/20) Tks

How to send traffic for email logs to port 587

HI Everyone, I have configured email profile to send system logs of firewall. I have configured the smtp server and my SMTP server is listening in port 587 but the firewall is sending traffic to the destination SMTP server using port 25. Can anyone let me know how to make the firewall to send the traffic to destination server on port 587? Regard...

Problem with Macos 10.15.5 with no HIP report

Hello, I'm facing a strange case with a Macos device running under 10.15.5, with Global Protect 5.0.9 installed.On the client side, there is no information displayed in the Host Profile tab.The client logs show no particular problem, and the HIP report can be found in PanGPA.log file. Obviously, the traffic from this client would fail HIP checks...

cnamurdc by L1 Bithead
  • 2747 Views
  • 1 replies
  • 0 Likes

GP Issue with LDAP timeouts

Hello Folks , We are having an issue with LDAP auth . We have two servers in LDAP profile 10.1.1.410.1.1.26 The timeout settings areBind timeout 30 secondsSearch timeout 30 secondsRetry 60 seconds The GP timeout is 80 seconds The behaviour is quite random . Most of the time the auth fails to 10.1.1.4 but it never goes to next server but some tim...

Resolved! Error when starting GlobalProtech

After installing Globalprotect the following error show. "The application was unable to start correctly (0x00007b0.I'm trying to install this on Windows 10 Enterprise. My login to this laptop has local admin rights so I don't think that is the issue. I have also tried uninstalling the program and trying the install again with virus protection ...

susdtech by L1 Bithead
  • 8291 Views
  • 7 replies
  • 0 Likes

Resolved! Certificate import via CLI on Panorama to a specific Template Location

All, I haven't opened a TAC case yet, but I am seeing an issue importing a certificate to Panorama 8.1.14-h5 via Chrome browser. We are seeing this issue on the PAN-OS fireawlls as well. I know how to (and it works) to import via CLI. However I dont see a place we can do that via CLI to a specific Template location in Panorama. Any ideas?? Mayb...

Unexpected behaviour in security policy

I have one server belongs from the DMZ zone.Example:-server ip- 2.2.2.2source ip for VPN user - 1.1.1.1VPN zoneDMZ zoneThere is 2 scenerio:-policy(1) - I have created a policy like:-sourcezone- VPNzonesource ip - 1.1.1.1destination zone - DMZ zonedestination IP - Create an address object for 2.2.2.2.Application - ANYservices - ANYAction - Allown...

Failed to add imported nodes into Panorama

Hey Team, I thought I would share my experiences with adding firewalls into Panorama and receiving the error message in the subject. The scenario is a HA pair with multi-vsys compatibility enabled - and 5 virtual systems. In all cases, adding the Primary/Active firewall to Panorama works perfectly fine; the issue lies with adding the Secondary/P...

New AppID Category

I work for a K12 School district, and like many K12 school districts we are preparing for online testing for state proficiency testing.We have also used online testing for AP testing, vocational testing, etc...Online testing is one of the high priority items for all the K12 schools in our state, and I know that other states are in the same boat....

Resolved! Panorama device management via loopback

I have remote PA firewalls deployed with IPSec tunnels back to our data center firewalls. The remote management interface is not used; I created a loopback and configured all service route items to use the loopback. However, in Panorama Managed Device Summary, it still shows the remote management interface IP (which is not connected to anything)...

  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels