General Topics
cancel
Showing results for 
Search instead for 
Did you mean: 
General Topics

Forum Posts

Resolved! GlobalProtect, Working from Home, Prisma Access and Covid-19

To all, Just wanted to post a message about the Hot Topic right now, which is Covid-19. With all of this going around, everybody's health and safely is the utmost concern. Keeping your hands clean, washing your hands (A LOT), using hand sanitizers, a...

jdelio by Community Team Member
  • 18364 Views
  • 41 replies
  • 32 Likes

hsts

Hi,Sorry to ask a general question here Is there a reason sometimes hsts break the connection with an error (your cnenction not private ).If two persons using same browser (eg; chrome ) , for first person it works and second does not Is there somethi...

simsim by L4 Transporter
  • 771 Views
  • 1 replies
  • 0 Likes

problem with IP helpers after migration

We're migrating from a PA-2020 to PA-3020.PANOS 6.1.12 Config migration went fine. And most functionality is ok on the new device.However our IP helpers don't work anymore. We use them on tagged subinterfaces.All subinterfaces on one interface connec...

dieter_b by L4 Transporter
  • 2137 Views
  • 5 replies
  • 0 Likes

Erroneous application port

I am getting a deny statement for port 8531 for application ssl. 8531 is for ms-update and my policy allows that but the default policy is denying it because it is tying it to ssl for some strange reason. I don't know how to get around that.

tglear by L1 Bithead
  • 444 Views
  • 3 replies
  • 0 Likes

Global Protect, Radius, SecurEnvoy, question

We had a strange issue with our 2Factor breaking this week, logs looked to be showing a radius auth MD5 missmatch. Between PAN 3020 and SecurEnvoy. During that time we had to many hands on the issue, and feel the team made it worse... So some back gr...

ktruex99 by L0 Member
  • 335 Views
  • 1 replies
  • 0 Likes

No Block Page when accessing Blocked Categories over HTTPS

Hi there,I have recently noticed that when I test access to URLs of blocked categories over HTTPS, I do not get a 'Blocked Page' display from the Palo. It just says the Page Cannot be Displayed and show the connection was reset. The URL filtering log...

Bocsa by L3 Networker
  • 1894 Views
  • 6 replies
  • 0 Likes

Link Failover with BGP to Multihomed ISP

This configuration it's for a very particular case on my site.I have three links with two ISP (for example: ISP1a,ISP1b,ISP2)I cannot annunce at the same time my entire class over ISP1a and ISP1b for two reason:1) BGP loop problem2) For ISP commercia...

Resolved! Captive Portal is not presented for wireless users

Hello All, PA3020PAN-OS 7.1.4-h2 Having a strange issue with Captive Portal on PA3020 where the captive portal just suddenly has stopped working. Did a management server restart, tested with the PC directly connected into the Guest-VLAN over the wire...

CP1.PNG
CP2.PNG
CP3.PNG
CP4.PNG

User-ID mapping when host has 2 interfaces

We've run into a problem which I understand, I'm just not sure how to fix. A user on her laptop logs into the domain while her laptop is docked, so UIA has her ip address mapping to the wired connection. Later, she undocks and flips over to wireless,...

problem on user time session timeout, only countdown

Hi to all,I'm new on PaloAlto PA-500 7.1 version.I've searched on and I think I did not find my case.Sorry if there is not and found it.I have the wifi sessions (via AP aerohive) timeout all in countdown.The users are in domain via LDAP and RADIUS.Th...

aerspa by L1 Bithead
  • 725 Views
  • 6 replies
  • 0 Likes

2 Factor Auth Issue

Hello, We are having issue with GlobalProtect VPN client when using 2 Factor Authorisation to authenticate. Instead of being presented with a second login prompt to enter the code from the keyfob, Palo Alto is rejecting logins unless the keyfob code ...

Farzana by L4 Transporter
  • 1486 Views
  • 8 replies
  • 0 Likes

Resolved! Message of the Day Updating?

So I know that one can go into the GUI and easily update the MOTD, problem is I'm not usually in the GUI for anything on my devices. Does anybody know how one can update the MOTD through the API or CLI, I could have sworn that I found it in the CLI a...

BPry by Cyber Elite
  • 426 Views
  • 2 replies
  • 0 Likes

Palo Automation

Are there any Automation white papers in regars to Palo Alto and automation tools. Outside of VM Series, Lambda, and Tufin Orcharstartion suite?

User-ID inconsistancies

Hello, It's not the first time that I am facing this kind of issue : Context : PaloAlto FW with (multiple) userID agents in a single (or multiple) Microsoft domain and user id based security policies. The User ID feature seems at a glance to be worki...

logs.JPG

GoToMeeting no longer working, http-proxy blocked

I'm using PAN-OS 7.1.8 on a active/passive HA cluster of PA-3050 devices for the perimeter. Just recently, people started complaining that GoToMeeting no longer works. When I investigate a test session (http://help.citrix.com/getready), the session d...

Resolved! Issues with GlobalProtect on Windows 10 1703

Hi, I recently had a collegue who installed Windows 10 1703, also called the Creators Update.After the update GlobalProtect appears to be able to connect to the gatway, but it fails to retrieve an IP address and DNS servers from the firewall. Have an...

as-mg by L3 Networker
  • 2638 Views
  • 6 replies
  • 0 Likes