Recommended User-ID settings

I need some help understanding the recommended settings for Pan-OS agentless User-ID.

First, here are my current enabled settings.

Server Monitor tab:  I have "Enable Security Log" checked.   Server log monitor frequency is 20, server session read fre

Global protect-DNS

Good afternoon/morning/evening everyone, 

I have an interesting one:I have a group of offshore developers and I thought about setting up a few access routes, doing split tunneling, however the problem is that my DNS being pushed for the agent is my DN

TS Agent not working for Windows File Explorer

Hi!

We found out, that it is not possible to track the user when he starts a Windows-File-Explorer via Citrix. Source-Port is used from the System-Context and not from the User-Context.

This behaivour is confirmed by Palo Alto, and it seems to be simi

EDL list used in policy has no valid entries

Hi Community.

I have configured PA to fetch EDL of type IP addresses from EDL link "https://panwdbl.appspot.com/lists/ettor.txt" for blocking tor. 

I am able to see that the list is getting populated. But occasionally I am getting below warning while c

Where do I turn this off?

 Getting a warning every time I hit okay on an interface that I already know has management enabled is irritating. Where do I turn this pointless warning off in the settings?

Push Public IP's down via Global Protect

I have a possible need to push some of my public IP's down through my Global Protect clients.

Meaning an associate at home will hit my public IP via GlobalProtect and not from the Internet side. 

Can this be done... Or is it a bad idea in Palo Alto L

Network slowness after changing the fw

Hi,

We have change a PA3020 devices cluster, with a PA3220 cluster. After changing them we are having slowness issues in the network.

After doing some troubleshooting we have seen that the issue is with SMB and also with the Internet connection. If w

Connections Per Second Per host?

Has anyone found a way to see a hosts generated connections per second? In other words we want to hone in on a specific host and see the CPS being generated in either a live or post event.

All I have found so far is global cps (show session info)

Tha

Cisco ACI plug-in Synchronize Error

We have completed the installation and integration of the Cisco ACI plug-in to our panorama environment. We have found that on 2 of the 3 APIC clusters we are tied into for 3 different fabrics we get the following error on synchronization.

'State of A

snmpd crashing even after manual restart

Hi there,

We have 2 PA-3020 in our environment working as active/passive.
Recently after upgrading to PanOS9.04, both boxes are presenting issues with the snmp daemon. At first the problem was easily fixed with manual restart of process, and than beca

Global Protect Doesn't connect to Portal. It connects to my WIFI instead

I have installed GlobalProtect,Version 5.0.3-29. All my colleagues are able to connect. 

Here are the steps:

1. Install Cert in CertStore.

2. Download GlobalProtect agent for 64 bit.

3. Now when trying to connect to Portal. It doesn't throw any error but

intermittent dataplane CPU spike

@BPry 

I am seeing the dataplane cpu spike to over 90% for about 5 minutes and then drop to normal. It comes intermittently with not regularity to when it occurs. I have been doing the show running resource-monitor, show system statistics,  and showin