General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! Security policy not working with Group Mapping

I have configured LDAP group under Group Map settings.

I have added the ldap group there.

 

Then under security policy source user is any and under user i added that group name.

 

When i do sh user group list i see the group name and user ids under it.

 

wh

...

MP18 by Cyber Elite
  • 9807 Views
  • 8 replies
  • 0 Likes

Resolved! Active Passive and Active Active PA and Web Gui Cert

 

I have created CSR and exported that to our Server team as they would generate the cert based off of that.

PA is in active passive mode.

 

Do webgui cert of Active PA will syn with Passive PA?

Do I need to create separte CSR for the passive PA?

 

We also

...

MP18 by Cyber Elite
  • 3658 Views
  • 7 replies
  • 0 Likes

ShareFile upload 'blob'

Hi,

 

I was wondering if anyone have been succesful in getting the actual file names of what is being up/downloaded to ShareFile? All I get is file name 'blob'. We do decrypt the traffic but my guess is citrix encapsulates the files making the names

...

mgusta by L2 Linker
  • 2926 Views
  • 2 replies
  • 0 Likes

HA and Device Priority

HA active device

Upon initial configuration the device with the lowest priority, value close to zero, becomes the active unit (default priority is 100). If two devices have the same priority value, the device with the lowest MAC address of the HA1 lin

...

scantwell by L4 Transporter
  • 6474 Views
  • 14 replies
  • 0 Likes

globalprotect stuck at "Retrieving configuration..."

OS info: openSUSE Leap 42.3

 

After installing globalprotect I tried to connect for the first time, but it seems to get stuck.

 

After the inital warning messages, I continued as suggested in the manual:

 

>> connect -p portal.vpn.broadcom.com -u tc912575 

...

ccin1492 by L1 Bithead
  • 10372 Views
  • 5 replies
  • 0 Likes

Upgrade from from 7.1.2 to 7.1.22

I have a question about the upgrade.

If I want to upgrade PAN OS from 7.1.2 to higher version. <such as 7.1.22 or higher>
Do i need to in-place upgrade step by step from 7.1.2 to 7.1.21 then 7.1.22. or

I can upgrade directly from 7.1.2 to 7.1.22?

Resolved! OS-X and GP - Machine Start

Need some feedback. 

 

On Windows 10 this doesn't seem to be a problem but for OS-X (version 10.14.3 Mojave) GP doesn't connect on a reboot.  It's saying the portal isn't available.  I think GP is starting up before the the NIC and that's what's causin

...

20190129_090336.jpg

Resolved! Dataplane higher than usual. why??

Hi,

 

We realised that the PA5050 (panos 7.1.12) dataplane has increased to 55% when it is always is at 28%. I would like to know why this increase is caused. I dont know how to translate this commands in order to have an idea about why is high the dat

...

Resolved! SSH to HA1 port - Password

Trying to ssh the active device from passive using HA1 IP address 

 

mparmar2@Lab-EOCDC-NGFW-1(passive)> ssh port 28 host 1.1.1.11

mparmar2@1.1.1.11's password:

Permission denied, please try again.

mparmar2@1.1.1.11's password:

Permission denied, please tr

...

MP18 by Cyber Elite
  • 3358 Views
  • 5 replies
  • 0 Likes

Resolved! Failover issues with Active/Passive

Hello,

 

Using 3020 HA pair. We are currently having two issues regarding fail-over:

  1. Fail-over time from primary to secondary takes about two minutes. Fail-over back to the primary takes on average 10 minutes. This seems excessive for a production envir
...

question about opt/panlogs partition

Hello community,

 

I hope you can help me with the following:

 

We have a PA-3020. Being the opt/panlogs partition size 90GB and the max capacity you are allowed to allocate playing with log quotas is 80GB. Do you have any way to make use of the last 10G

...

Carracido by L3 Networker
  • 1985 Views
  • 0 replies
  • 0 Likes

PA 3060 HA config & PSA Key Input CLI

 

Hi 

I used to use Juniper SRX and want to check PAN 3060 HA. Basically i assume once 3060 ha is established, I can dump config on Primary and once i do commit then it will be copied to secondary 3060.

 

One quick quesiton for VPN PSA key input. It show

...

  • 24187 Posts
  • 101 Subscriptions
This widget could not be displayed.
Top Solution Authors
Top Liked Authors
Labels