General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Problem with user mapping and GlobalProtect connection

Hello! The access to GlobalProtect is done using certificates, it works alright, users are authenticated and identified by sAMAccountName. Sometimes happens that the firewall re-maps the already identified user substituting the sAMAccountName with name.surname, for example. john.smith. I don't understand why. Sometimes it works perfectly, then j...

Resolved! recommended versions

Hi, I'd like to know which PAN-OS is currently recommended? And this in combination with GlobalProtect? Thanks,wkr,Luc

Resolved! 7000 Series processing speeds

Hi All, Hoping someone can clear up some confusion I have with the processing speed fothe 7050 firewall. The literature states that each NPC adds 20 Gbps of processing to the chassis. You can scale out your deployment and speed by adding NPC's, the first packet processor will do the job of distributing the load accross the NPC. Picture this sc...

Integrate a DMZ with virtual F5 to the PA FW

I would like to add a virtual F5 as a proxy to our exsiting 5220 PA FW. As I have never done a DMZ to a virtual device, I am jsut wondering there a sample scenario or configuration. If my F5 was a physical device, I will just assign an IP address to my FW interface with zone as DMZ. But if my DMZ device is virtual (setup in the datacenter in the...

Capture.JPG
jac101 by L2 Linker
  • 9523 Views
  • 8 replies
  • 0 Likes

XML User ID

One of our engineer setup XML to pull the user id and ipaddr mapping, which works with no problem. The problem is he left the organisation and we are not able to determine the source from where the input is coming into the firewall. The log on the PAN does not tell you exact source ipaddr.irtual Systemvsys1Timeout2700Data Sourcexml-apiSource Nam...

Policy rules based on hostname or windows hostname

Hi I can create a policy based around the username, what about linking to a hostname . windows hostname - verify in MS AD. I have a management VM, I would like to move, but it has some policied based around location - specific network. It would be nice to allow it access based around windows name as long as named is in MS AD.

unknown-tcp for Exchange 2016 when decrypted

Hi, I'm doing decryption for Exchange 2013 OWA web part and it was doing good - was seeing mostly applications like ms-exchange, activesync, outlook-web which makes sense.Customer upgraded their infrastructure to Exchange 2016 and after trying to decryot that I'm getting a bunch of unknown-tcp traffic after decryption instead of ms-exchange and/...

nikoo by L3 Networker
  • 3076 Views
  • 2 replies
  • 0 Likes

Configuring ldap for mgmt.

I have customer firewall running 8.0.x . I have AD configured for customer using service route going into trust zone as required.But I would like to manage the firewall at the moment managed wth single local superuser. Is it possible to use AD auth for this as well.

Connecting to mapped shares - most of the time very, very slow

I work with a company that uses Global Protect as their VPN solution. When I work from my offsite office, I'll fire up the VPN, login and get to work. For the past year, I've suffered from very long connection times re-establishing access to an important shared folder. In mapping this share, I usually go through Windows Explorer and just clic...

CharlieG by L1 Bithead
  • 7236 Views
  • 7 replies
  • 0 Likes
  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels