Reboot / Shutdown options not displayed in Web UI if Role-Based Admin is used

Hi,

I have created a role-based admin account with all rights enabled for the Web UI and superuser rights enabled for the CLI.

After login to the Web UI using this account, under Device -> Setup -> Operations, the reboot/shutdown operations are not dis

Query about admin credentials

Hello Team,

We need your support to provide specific access to system admin user. We need to provide access one of system admin only for configuring VPN user & create system admin user. Kindly confirm can we create a custom admin profile for above ta

Not able to normalize UPN name retrieved from SAML assertion

Hi Team,

We have configured SAML SSO authentication for Global protect. Microsoft Azure has the active directory we have configured it as identity provider and service provider as Palo alto global protect. Trust established between Idp and SP and we

Restrict GlobalProtect connection from a single Linux computer

Hi everyone,

I must to implement some VPN access control based on computers. By this way, a user will only be able to connect to VPN if agent is executed from a specific computer.

I have read the documentation but I don't find if I can restrict the c

Https traffic to http

Hi Guys,

I have a webserver hosted for public access using http. Now I want to know is it possible to NAT traffic entering to palo alto as https from outside to http as inside.

So user will try to connect server using public IP on port 443 their port

User-ID in multiple vsys failing for vsys2

Both vsys1 and vsys2 are using same agentless settings and are accessing same DC servers. While vsys1 shows as connected vsys2 shows nothing under status and system logs show 'connect-server-monitor-failure'. I have rechecked password in both vsys bu

Globalprotect - supress version mismatch popup?

When a client uses a version (4.1.13) different to what is available from the gateway, they see a popup prompting them to upgrade/downgrade.

How would I go about turning off this popup?

Traffic monitor not showing up all of the sudden

PA3050.  All of the sudden, after working for years, the traffic monitor stopped logging at 13:41 CT.  Traffic going through the firewall as normal.  Policy hits are still going up in number.  Anyone seen this?

unable to create a log forwarding profile with office 365 account

Hi Team 

I have an office 365 account and i am trying to create a log forwarding profile for the Gmail or office 365 when I place the smtp.gmail.com 

we are facing issue fail to send the gateway smtp.gmail.com

Cisco Policy Based VPN - ProxyID Query

Hi everyone,

I am receiving the below error on a Palo to Cisco policy-based VPN.

'IKE phase-2 negotiation failed when processing proxy ID. cannot find matching phase-2 tunnel for received proxy ID. received local id: 10.45.33.253/32 type IPv4_address