General Topics

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

Interface IP for Log collector - LC communication

I have configured Interface between 2 m500 with /24 Mask. M500-1----------eth1/5---------------------------------eth1/5---------M500-2 eth1/5 is used for collector communication. Need to confirm this is right design to have IP address on directly connected interface with /24 mask? Please confirm?

Resolved! Monitor Youtube URL

Hi Everyone, How can we view the exact url (e.g. https://www.youtube.com/watch?v=7o3Pjhs1qxM) of Youtube videos that are viewed by users. We implemented SSL decryption on Youtube site and it shows that it is "Decrypted" but monitoring logs doesn't show any or the exact URL of Youtube video played. Thanks...

Resolved! Tech support file and looking for High Virtual Memory and Commit logs

Whe we unzip the Tec support file which folder i should click on to check the commit failure and high Virtual memory utilizations?

Resolved! Firewall cache for EDLs

Hello Community, I was searching how long can the firewall have cached the EDLs if the firewall lost connectivity to the server where I host the txt file but I dind't find anything. Any clues?Thanks a lot.

Resolved! Monitoring Virtual Systems on Solarwinds

Hi All, Can I monitor my Virtual Systems on Solarwinds - SNMP and Ping? They are configured with shared aggregated interfaces and not indivdual physical interfaces. I am monitoring the device itself but would like visibility of the individual virtual systems. I read an older post that only physical interfaces could be monitored but not sure if t...

global protect: keeping clientless vpn users seperate from remote access (vpn client) users

Here's what I need:Employees using the global protect client, and vendors logging into clientless vpn and getting the apps I assign them.I do not want any vendor to be able to access the vpn client. Here's where I am:I have a GP portal and gateway assigned to the outside interface. Remote access (employees) authenticates to radius server (ACS) a...

Resolved! VRRP on switches connected to PA in active and passive mode

below we have setup https://snag.gy/3kRV8C.jpg Where switches and routers are running ospf.PA has static route to the VRRP IP of the switch. 1>>Need to know is this good design to have the VRRP backup router connected to the PA active switch? 2>>Also yesterday when we reboot the router 1 during that time we lost the internet connec...

Resolved! "Management Interface Settings" Widget Doesn't Show Under DEVICE> Management tab

I have a PA-VM-300 running 8.1.3. On the DEVICE> Management tab, I do not have the "Management Interface Settings" widget. The person who set this up, is no longer here. Is this a widget that is specified somewhere, or is it perhaps missing for some other reason? Thanks!

show user group list - Shows custom group only

Under group mappings of LDAP i have so many AD groups. But when i run below command show user group listTotal: 11* : Custom Group IT does not show me any group names from AD?what is the reason for that? Also what is difference between Custom group and AD groups in LDAP?

Authentication Policy with Captive Portal using Session Cookie

Customer has authentication policy with web-form as authentication profile and 60 minutes timeout.Captive Portal has both timers at 60 minutes and uses Session Cookies with 60 minutes timeout. However if a user hits refresh for the authenticated (https) session less than 60 minutes after succesful authentication he gets prompted to re-authentica...

Resolved! Global Protect issue with BGP routing configuration

Hi All, I have configured Global Protect and I can successfully connect. My Palo Altos are configured to peer and route via BGP which is working without issue. My problem is I cannot reach anything once I am connected. I need at access two address ranges. From the CLI of the Palo I can ping the gateways of the networks I need to reach via the Gl...

Resolved! Basic GP routing/NAT/policy

The Gateway/Portal of my setup works fine.It's routing I think that's not working. I just want a client over GP to hit local networks off the PANOS. IP Pool and access routes that been defined, work just fine .. I can see client has been bestowed these when it connects.. What's the basic setup from a routing perspective ?- I set up a tunnel.## ...

Resolved! Split tunnel greyed out

Hello, We are using PANOS 8.1.7 and GP 4.1.8. We have multi Vsys and one of our VSYS administrator account cannot access GP protect agent split tunnel setup. It is greyed out.Is this an account limit or something wrong?

threshold values for SNMP Monitoring PA-5250

Hi,How much RAM does a PA-5250 have? And which threshold value should be defined for alarming in SNMP Monitoring?And what other oid make sense to monitor and which hreshold value? e.g. count of Sessions: Data Sheet 8.000.000, but what would be a appropriate threshold value? Thanks a lot Robert

Resolved! TS Agent no port mapping when using windows net use

Hey GuysWe have noticed a weird behaviour:When I do a telnet to IP 1.1.1.1 Port 445 on our Terminal Server with the TS Agent installed, the associated Port Range will be used as expected and the source user-id will be mapped.But when we do a net use in the same CMD window, it won't associate it with the expected port range but with a higher, not...

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!