Did you know that you can help your fellow community members by accepting solutions when a reply answers your question Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature
...
I recently configured windows user-id agent and have it in conjunction with agentless user-id.
Can I have both running on the firewall as a redundancy?or should I remove agentless config?will it create any harm if I keep both running?
Hello,
I go to ACC tab -->Onleft side select the time frame --> Network Activity -->User Activity --> Export to PDF
I wrote a simple PowerShell GUI script that can check for GlobalProtectVPN users connected currently, or at a past date.
It uses the Rest API to grab the information. Not sure if anyone would find it useful.
Here is the Github link: https://github.com/
...
Hi folks,
We have a Wildfire public cloud subscription, dynamic updates, and security profile configured.
I've been asked, "How do we know it's doing anything?".
When I look at Wildfire submissions, the last submissions are from January and end of las
...
Regarding DAGPusher Output node.
I don't mean to hit anyone with a firehose but I have several questions I'm having trouble finding the answers to regarding the DAGPusher Output node in MineMeld. It's my understanding this node will allow MineMeld
...
Hello,
I finished the setup of DAGPusher and DAG in Panorama.
The list of indicators is populated in the MineMeld DAGPusher but my DAG in Panorama is not populated.
In the MineMeld logs I can see following:
2018-02-23T14:18:23 (17217)dag._device_pu
...
Hi,
I have a security rule that's supposed to be only allowing traffic for URLs in a custom URL category. However, it appears that it's matching lots of other URLs that aren't in the category. Below are some screenshots. I'm running v8.0.6. Let m
...
Hello everybody.
I am using the SSL Inspection over HTTP (HTTPS) service on our office GWs. I know how to set up rule bases and configure my Decryption Profile well. I have read PAN's documentations and watched a tutorial about how to configure a SSL
...
Req POLICY BASE IPSEC Site to site vpn, if any one have share it .
Dear peers,
I have been fighting an issue for about a month regarding issues running Cisco DMVPN behind a static 1-to-1 NAT address (VeloCloud not a Palo Alto). I am currently still trying to ascertain if this is an issue with the VeloCloud applianc
...
I was going to check the update schedule of URL database but this is no longer there. Although i can see update has happened today. License is still valid. PANOS is 8.7.
url-filtering-version: 20180228.20221
trying to find out if there's a list of the various messages and what they mean, particulary with 'globalprotectgateway-logout-succ'. I'm specifically trying to identify what 'Reason: remove previous login' means.
I assume it means the previous sessi
...
My goal is to be able to reroute traffic from internal server 192.168.0.10 port 123 to other internal server 192.168.0.20 port 456
My understanding is that I do not need a u-turn nat rule since we're using internal IP addresses, however so far I've n
...
I have followed the configuration guide for setting up dns sinkhole but i am not seeing the expected output in the logs.
My configuration is as follows:-
Client sits on a zone 'mplstrust' (internal LAN)
Internal DNS Server sits on zone 'dnstrust' (inte
...
If you suspend a passive firewall in an active/passive HA configuration does it just mean that you have turned off HA and the active cannot fail over to the passive?
reaper
on:
Agentless User-Id integration
reaper
on:
Required PAN-OS 8.1.25-h1 for PA 3060
reaper
on:
IPSec Phase 1 tunnel not connecting
