Hi,When I view the threat map, It shows a large bubble in the middle of the atlantic ocean that is labelled "reserved" what is this?Any help is greatly appreciated.M
Hi,Is there a way I can kill or log out other administrators that is authenticated in Palo Alto Management? Hoping for your assistance.Thanks,Xer
Hi Everyone, Hope everyone doing well. we have setup a windows based User ID. but one problem I saw with that is, it is receiving accounts with $ sign in the last. I believe these are service type accounts and if yes we would like to exclude them on the firewall as we don't want the service accounts to be allowed to go to internet. we have 5650...
hello team, we have this client running his ISP thru E1/3 (secondary ISP service), he wants to allow the Global Protect client thru this conection, however, after configure the portal and gateway in the PA-500, we test in the agent installed and we got the follow logs from the GP Client engine: (T22764) 09/26/19 19:56:27:735 Debug(4523): No need...
I didn't find the documentation that helpful regarding template and template stack variables, so I'm writing this post that will hopefully help someone out with creating their first variable. In my example below, we used a template variable to change the next hop IP address in a static route used by the virtual router. Each branch had a differen...
Hi.I've been detecting that some users have their VPN certificate expired and still manage to connect to the Global Protect VPN.The Global Protect settings are correct, since most users if their certificate is expired do not let them connect.Globalprotect version: 4.1.9PAN-OS version: 8.0.15 Will it be some configuration error?
I am following this KB link to set this up https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClFiCAK 1/ So the documents says i have to setup 2 source NATs for each interface. Can we getaway by using the interface as ANY in NAT rule? What is the best practice?2/ What about destination interface for the traffic coming to o...
Hello all, I've been trying to find out if it's possible to assign a hostname to a portal so that clients' portal list on their workstations have hostnames rather than IP addresses. I work in an environment where IP address for different "sites" are similar, so it can be difficult for them to remember which IP goes to a site. We have this funct...
When attempting to enable the Licensing API through the customer portal I get the following message. Unfortunately there is no "Enable link below" to click. Any suggestions? Yes, I have opened a support case but was hoping the forums would be quicker. Licensing API KeyThis license API key provides users access to the various license functions...
Is it possible to create a new url category for sites with online document editing tools(docs.google.com, ilovepdf.com)? There are no current suitable categories.
Hello, We are about to work on a Paloalto cluster deployment, which will be sitting next to the internet (we will have two separate providers) and we need to make the decision whether we configure it as A/A or A/P.I keep reading in quite some places (forums and so) that A/P is Paloalto preferred way. That is also my first option, but I would lik...
We want one user to access sharepoint and sharepoint only via the internet, everything is to be locked down. We have gone through the KB below.https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClTDCA0 It says to enable SSL Decryption. Do we need any certificate, Decryption Profile setup for this? Or the following setup is...
All of the sudden, in our global protect setup(Pre-Logon-Always-On, internal host detection, we were able to switch between internal and external networks and Global Protect would always reconnect. For about a month this has not been working. I got around to looking at the logs and see the following: (T14316) Debug(4604): All external gateways...
My CA is Portal / Gateway firewall it is having different template group and LSVPN HUB firewall on different template group. I have created new certificate for HUB gateway on Portal/GW template , exported it from template group and imported it on HUB firewall template group it is giving below errorupload--private key - passphrase invalid inpu...
Logged into Panorama CLI and typed this is:show log system eventid equal globalprotectportal-auth-succ No logs showed up. Also tried from the gui:Monitor > Logs > System and filter using (eventid eq globalprotectportal-auth-succ) Still nothing...is there a setting that needs to be enabled in order to view the GP auth logs? Thanks!
