Best way to identify Macs for URL filtering?

All the Macs are AD joined and everyone logs into the domain. Problem we are having is that after a few hours the Macs are not identified any longer and the URL filtering stops working. The Mac users are creative and get some relaxed filtering....so

Internet Access Captive Portal

Dear Friends !

i have restrice Internet Access to Clients but before they fall in to Captive Portal Page, they reach to google.com https certificate then PAN poral Certificate

as well the Clients are able to ping, traceroute destinations in Internet b

User ID for ncomputing environment

HI all,

My customer has ncomputing (thin client) environment and all servers are Ubuntu. They wanted to implement User-ID feature in this environment. As we do not have any User ID agent for Linux, how can we get user info? Can we use Captive portal,

DNS Security Subscription on EXISTING PA-220 Lab Appliance

Is anyone having the same problem as me?  I have an existing PA-220 lab appliance (the lab SKU includes all available subs and support) that was deployed prior to the announcement of PAN-OS 9.0 and DNS Securty.  I have since upgraded the appliance to

Publishing website issue.

Hi Experts,

I am trying to publish a website, the webserver is behnid my Palo alto, i created NAT rule from public IP to be natted to the internal webserver IP address. What is starnge here is that i am not able to see my traffic when trying to reach ...

PLEASE HELP.. same config but not working! from PA 3050 to PA 3220

Dear experts,

I am moving from PA3050 to PA3220. I did export the current configurations from the old PA3050 and imported to the new PA3220, i committed successfully, but when i migrate cables from old device to the new one i get random issue! like s

Old certificate showing even after new certificate mapped to the ssl profile

Hello,

We are using Software Version - 8.0.8, Global Protect Agent - 4.0.4

One user is able to connect the VPN through portal but when accessed the URL from the internet still seeing the old certificate after new certificated mapped.

We tried to rein

Preventing Split-Brained Monster, HA Failure Technique Idea?

I am trying to develop a technique to handle HA failure conditions, between two PA units, in an "Active/Passive" configuration.

What I want to try is to connect an HA1 link to an intermediate switch. By default, what I notice is that if I take down t

Global Protect connects even machine certificate not present in store

Has anyone encountered this issue ?

https to portal interface IP gives an error "Valid client  ceriticate required".

GP users are still able to connect to GP VPN even if machine certificate not present in store. 

I have Global protect Portal configura

File Blocking applications

What is the reason that the Applications field within File Blocking Profiles only allow a subset of all applications? For instance, I have a file blocking profile that alerts on several file extensions for webmail applications I've specified, and I'm