Captive portal bypass
New to Palo Alto. is there a simple way to disable/bypass the Captive Portal for a pc based on IP or IP range? Please be detailed since I rarely deal with the PA.
New to Palo Alto. is there a simple way to disable/bypass the Captive Portal for a pc based on IP or IP range? Please be detailed since I rarely deal with the PA.
Some of our smaller PAs are starting to have their commits fail do to the number of profiles configured in Panorama. The error I receive is "Total number of profiles (xx) exceeds platform capacity (xx)". I followed this link but it does not seem to have helped: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000Cm0DCAS T...
When trying to access my PA-220 through my browsers I getting an error for no common encryption algorithms. I have attempted to enable all forms of TLS/SSL, I have tried Firefox, Chrome, Edge, and IE11 none of which work. Could someone please advise on what the issue may be.
I am getting the below ERROR when installing on Ubuntu 16.04 using the instructions on the below SITE. The URL's that are referenced api.nodesecurity.io do not resolve to an address which seems to be the issue, does anyone know how I can continue this install? SITE: https://github.com/PaloAltoNetworks/minemeld-ansible COMMAND: ansible-playb...
I am setting up some new OSPF adjacencies between my PA and a pair of Dell switches. Should I be using BFD? Will BFD make things better or worse? What I currently do is set LACP in HA passive state. OSPF graceful failover is configured on my switches and on firewall (which is default). I am using default grace period of 120 seconds. My OSPF hell...
Hey folks, We have an HQ site and Colo site. We are moving our Colo site to a new datacenter. We have two firewalls in HA. I've already broken HA and taken the PA#2 over to new datacenter for early standup. Leaving PA#1 at current site Active with user connections, until move day. On move day, I have this request (requirement) from management...
Hello folks, We changed our public ips recently and we have a few recipeints that are blocking our new mail IP. I am suspecting has something to do with either our TXT (SPF) record or the fact that we are using a destination NAT rule instead of bi-directional. I've included a diagram and notes below, but trying to get some feedback on what the ...
Hi All, I have a PA-200 running Version 8.1.0 and providing DHCP addresses to about 175 clients. The pool is a /24 and recently, the clients have been getting messages stating another device is using your computers IP address. I've been tweaking the DHCP server settings and have set the leases to unlimited but users are still getting the dupli...
we are getting system alert for Panorama M100 saying 1 - SYSTEM ALERT : critical : Failed exporting config bundle via ssh to 10.71.16.210. No RSA host key is known for 10.71.16.210 ....Host key verification failed....lost connection On Panorama sch config export has no config configured.
on 5220 we can see the packet diag logs via less dp0-log pan_packet_diag.log IF i run below command debug dataplane packet-diag clear log logwill that clear the pan packet diag from the DPO?less dp0-logbfd.log brdagent.logdp-monitor.log dp-monitor.log.1dp-monitor.log.2 dp-monitor.log.3dp-monitor.log.4 masterd.logmasterd_apps.log masterd_detail.l...
Hi all, Fairly new to PAN and in the process of an ASA migration. Despite TAC/VAR assistance, I'm still having some issues with my GlobalProtect user experience. Fortunately it's not in production yet but the feedback has been inconsistent. Business Requirements:-Use GlobalProtect to tunnel all external user traffic back to HA pair for web filt...
Hi,I've been trying to get an explanation to the following (working) scenario: I have a PA 220 with 2 virtual routers: an "inside-VR" virtual router with a L3 interface (i.e. e1/1 - 192.168.1.0/24 - security zone "INSIDE") + a tunnel interface (also assigned to the "inside-VR" virtual router - security zone "TUNNEL"); the tunnel interface is abl...
Hello debug flow basic commands is helpful for troubleshooting issues related to nat, route, policy? or also due to threats like drop due to IPS, AV etc?
I have configured a firewall rule to allow some servers to ssh to vs-ssh.visualstudio.com to allow the servers to use ssh to connect to the git repo of Azure devops. This rule uses fqdn address object to allow the servers to only connect on ssh to this server. The problem is that this dns address resolves to 1 ip address, but it changes each ti...
Hello friends! We have now 3 ISPs, we started to use load balancing (all methoeds tested); Problem: Sometimes, packets from PA220, interface 1/4 (ISP 1), goes out to internet thru interface 1/5 (ISP 2).User's traffic with no problem.. But PA220 internet traffic (VPN establishment for example) is inconsistent. PA220 VPN initial IKE traffic exam...
| Subject | Likes |
|---|---|
| 4 Likes | |
| 2 Likes | |
| 2 Likes | |
| 1 Like | |
| 1 Like |
| User | Likes Count |
|---|---|
| 4 | |
| 3 | |
| 2 | |
| 2 | |
| 2 |

