hi Community
Hi all,
We have upgraded globalprotect version 3.1.4 to 4.1.2. Its connected successfully . But after some time it saying portal not available. username take as portal name. anyone experience with globalprotect 4.1.2???
Discussions
Resolved! Palo-Cisco VPN Logs
Im setting up a s2s vpn between a Palo and a Cisco ASR. The GUI is showing it all as up - green lights and ike tunnels. But the logs are showing the below:
IKEv2 child SA negotiation is failed message lacks KE payload
I am not sending traffic down th
...Custom HIP Check for Linux
Hey guys,
I've been tasked to have Globalprotect only allow company owned devices over the VPN. I know I can create custom HIP checks for Windows/Mac (reg/plist value). How would I do the same for Linux clients?
I have two end users that work remote,
...PA-VM guest ethernet1/x in VMWare Workstation can't communicate with the host OS or any other hosts
My topology is as follows.
PA-VM-ESX-8.0.0.ova image was downloaded from PA support site and installed on VM
Resolved! BlueCoat Proxy Health Checks Failing through Palo Alto - App-ID "incomplete"
Hi guys,
We have migrated our production web infrastructure to run through Palo Alto (previously running through Checkpoint) and although we have no issues with production traffic we are seeing some intermittent failures on our health checks between
...Unable to find interface configured in vm machine in vmware
I’m new to Palo Alto VM series deployment and it’s the new project .. we’re trying to deploy Palo Alto HA in VMware environment . Deployed ovf template and configured management interface . Connected to GUI and all looks ok . But I’m not able to conf...
Resolved! DH group 15 IPSec tunnel
Hi
I must build up an IPSEC tunel between PA and Watchguard XTM. The other Side gives me ike phase where DH Group is 15.
On PA I only can choose Group 1—768 bits, Group 2—1024 bits (default), Group 5—1536 bits, Group 14—2048 bits, Group 19—256-bit ell
...PPTP VPN can not be connected to external devices
I have built a VPN server in company domain and I have tried to connect it in the domain computer. Now I need it can be connected to external computer. I have search many information in Internet to know how to do this setting in firewall. But it stil
...Resolved! Radius authentication for Global Protect
Hi community!
I have encountered a "problem" with our Global Protect authentication while we were doing some maintenance works.
We have an Authentication Profile with 3 RADIUS servers for authenticating the users, and the number of retries is set to 5
...Feature request thoughts - around nat selection
Hi
I have 2 NAT pools, actually 4, cause for HA each pool is doubled - does that make sense.
1 pool is on a.b.c.13 and the second is on a.b.c.113.
All good. what I would like to do is say
going out internet interface from src group "out via non prod"
...DNS Proxy in Active Active cluster setup
Hi
I am looking to setup 2 IP address I want to use for DNS proxy - I was planning on having each ip as a HA VIP - in fail over mode - 1 priotised to one node and the other to the other node
Then I tried to setup the DNS proxy - can't attach it to
...Routing issues LDAP AD server profiles
Hi, Im trying to set up Group mapping and foudn an interesting issue that I wabnted to put out here see if theres any ideas that can help us out. This is the situation:
Hardware
- ethernet1/12 is trunk with subinterfaces
- ethernet1/12.2 vlan 2 tagged subi
Resolved! Security Rule Behavior when Applications selected with Service select in same rule
I have littel confiusion, need to know about that what will happen if i have rule where i have seleted application and custom (home grown application port) port in service tab.
Ex- in applicaiton tab i have- Ping,icmp and ssh.
in Service Tab- po
...Low output levels
Having an issue with a install of Minemeld on RHEL 7. Finally got the install completed but can't get more than a few indicators to show up in the output. Initally I thought it was a resourse issue so I gave it 4 CPU's and 8 GB of RAM and more than
...
PA220 routing issue
I have three PA220s, let's call them
PA220-A
PA220-B
PA220-C
They are connected in the following manner:
PA220-A ---- PA220-B ----- PA220-C
All three have an Inside and Outside Interface. All the Outside interfaces are connected via a Layer2 network. M
...
-
OtakarKlier
on:
Understanding URL Filtering security profiles vs Rule Action
-
OtakarKlier
on:
Qualys scanner blocked
-
OtakarKlier
on:
Split-tunnel not working properly
- JayGolf on: Device Control Violations
- ChrisDean on: I have a Premium Account but can figure out how to open a trouble ticket... the Portal Changed PLEASE HELP... So frustrating...
-
OtakarKlier
on:
Palo HA with LACP to Cisco Stack Switch
-
aleksandar.asta
rdzhiev on: Certificates not appearing in XML running configuration - JayGolf on: Running Security LifeCycle Review SLR for a NGFW
- kiwi on: Panorama M-100 is not showing in my customer support portal software list.
- Alin.Scarlat on: Creating a rule
Copyright 2007 - 2023 - Palo Alto Networks