General Topics

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Hey Everyone!

The Fuel User Group is now part of LIVEcommunity! If you haven’t come across Fuel before, it’s a space where you can connect with fellow cybersecurity folk, share knowledge, and learn from each other. It’s completely free as well! Fue

...

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

Zone Protection - Reconnaissance

Hi,

Are there any best practice settings for the reconnaissance portion of the zone protection profile.

I see the default has the below. Is it recommended to leave as defaults or does someone have a better recommendation?

TCP Port scan 100 events wi

...

Resolved! GlobalProtect Gateway is not licensed

Hi,

I'm working on home lab and tried to configure clienetless global protect eveything went well expect when i authentate the user i got this message " GlobalProtect Gateway is not licensed. Contact system administrator. ", however during my reading

...

GP Split Tunnel with Microsoft O365/Microsoft Teams & GP License

Hello All,

It appears that the large list of IPs and domains to completely enable split-tunneling with GP for O365 & Microsoft Teams requires the GP license to facilitate defining domain names in addition to IP networks (which I understand works with

...

Resolved! Releases date 9.1.1

Hello,

Can someone said me the release date for PAN-OS 9.1.1?

Regards,

Can URL Profiles be used if there is No URL Filtering License?

Can i use URL filtering using custom URL categorys if i do not have a URL filtering license.?

when i try i get the following warning message.

No valid URL filtering license,

Resolved! User-ID: Is possible to retrieve groups without sever monitoring?

Hello community,

I´m sharing with you this doubt you maybe can help me with:

I´m only interested in having the group-user mappings and not ip-user mappings. Is this possible?

Furthermore, is it possible to retrieve group-user mappings without having

...

Can't connect firewall to network

I'm trying to setup a PA-220 for the first time. I'm able to access the fw via the web interface when I directly connect my laptop to the mgmt port.

I'm stuck on Step 11 (https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-admin/getting-started/inte

...

Unable to disconnect Global Protect in Linux machine

Hi Team,

I have configured GP using "On demand" method when I tried to disconnect GP by ran the command (

user@linuxhost:~$globalprotect disconnect ) getting below error,

sweekrit@sweekrit-HP-240-G6-Notebook-PC:~$ globalprotect show --error
Unable to e

...

Resolved! Names instead for IP address on routing table

Hi there,

We have a PA with two Virtual Routers, Internal VR and DMZ-Internet VR. When I type show routing fib virtual-router "Internal VR" for example the forwarding table shows a name for next hop and interface, see the output below:

show routing f

...

"Disconnect on ideal" not working - Global protect

We have set Disconnect on ideal for 20 min and we have tried to log off from the PC and login after 20 mins and GP is still connected,what could be the issue.

Inactivity logout seems to work after 2 hours

Palo version 8.1.13

GP- 5.1.1

which answer is right?

A company needs to preconfigure firewalls to be sent to remote sites with the least amount
of reconfiguration. Once deployed, each firewall must establish secure tunnels back to multiple regional data centers to include the future regional data center

...

GP VPN having some issue with Okta authentication

Does anyone else having below issue with the Okta CDN? Screenshot has been attached for reference.

authentication sequence with LDAP and SAML

Hi Community,

I have a requirement to have client authentication in globalprotect portal/gateway to have with LDAP first then another profile wich is SAML based. the requirement is to authenticate with SAML profile if LDAP auth fails. But as SAML pro

...

Resolved! How to check/find persistent sessions

How can we check from CLI sessions that have been running for hours or days.

Normalize UIA mappings 8.1.12

Hello,

I've searched and found a few posts but I can't seem to find the solution; prior to 8.1 UIA, all users shows up in UIA as domain\username. Since installation of UIA 8.1.12, it's a mix of domain\username and username@domain. It seems that in

...

General Topics

Discussions

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Welcome to the General Topics Discussions!

Rules and Best Practices

Zone Protection - Reconnaissance

Resolved! GlobalProtect Gateway is not licensed

GP Split Tunnel with Microsoft O365/Microsoft Teams & GP License

Resolved! Releases date 9.1.1

Can URL Profiles be used if there is No URL Filtering License?

Resolved! User-ID: Is possible to retrieve groups without sever monitoring?

Can't connect firewall to network

Unable to disconnect Global Protect in Linux machine

Resolved! Names instead for IP address on routing table

"Disconnect on ideal" not working - Global protect

which answer is right?

GP VPN having some issue with Okta authentication

authentication sequence with LDAP and SAML

Resolved! How to check/find persistent sessions

Normalize UIA mappings 8.1.12

FW Ha Cluster disconnected from Panorama

maximum number of bgp routes for VM-series

Flexible vCPU VM Firewall interfaces are down

Management and Dataplane on Vsys

Site flagged as GRAYWARE (PLEASE HELP!!!)

Re: Flexible vCPU VM Firewall interfaces are down

Re: Data center providing dual ports already in VRRP - my topology?

Re: PAN-OS Release Frequency

Re: Alerts for dynamic updates

Bug Search Tool (New Feature & UI)

Unlock your full community experience!

General Topics

Rules and Best Practices

Resolved! GlobalProtect Gateway is not licensed

Resolved! Releases date 9.1.1

Resolved! User-ID: Is possible to retrieve groups without sever monitoring?

Resolved! Names instead for IP address on routing table

Resolved! How to check/find persistent sessions