Symptoms:
In my case I was using auto discovery and my client would connect to my domestic VPN gateway from a guest network. It would not however connect to Asia or European gateways manually. The message "Gateway Asia: Server certifiate verification
...
We have configured a GlobalProtect Gateway to service clients using both the GP Agent and X-Auth parameters with 3rd Party Clients.
We have been receiving the following error messages:
'IKE phase-2 negotiation failed when processing proxy ID. cannot f
...
Hi All,
I have a situation where someone tried to access Palo Alto and failed to login as the authentication was not granted. Any idea where i can go and see what was the source IP and location etc. A bit of forensics.
Any suggestions most welcome.
Im
...
Hi all,
This my first post on here.
I was trying to see if these devices have monitor/tracking features e.g. keep testing the internet connection to see if it is still up.
I want the PA to form a neighbor relationship with a cisco router and advertis
...
Hi I need to know the correct procedure for installing a 10 G SFP into a PA-5050.
Can I install while they are on and running? Do I need a reboot?
Do I have to power off and install and power on?
I’ve tried to if an answer in the documentation
Hi,
I'm configuring my GlobalProtect VPN and Agent keep saying "CN name mismatch".
Here's my infrastructure :
The PA220 is behind the NAT of the ISP and all connexions on WAN_IP (that is the public IP) are translated to the address 192.168.7.1. As po
...
Hi Guys, Any idea how to block Google drive Using Chrome-cached Session they can access the drive. We tried creating a policy by application blocking google-docs-base google-docs-editing google-docs-enterprise google-docs-uploading google-docs google...
Hi All,
I've successfully set up globalprotect for my remote users according to this link https://live.paloaltonetworks.com/t5/Configuration-Articles/Basic-GlobalProtect-Configuration-with-User-logon/ta-p/136099
I have a new problem. I want some user
...
We have firewalls in HA and are multi-vsys. I am trying to to get them into Panorama, but as i import the config it removes almost all objects and Panorama device groups only shows shared objects. Any object that was local to to vsys does not show an
...
Hi There,
I have a customer RFP requiring that URL filtering product must have more that 50 million clissified webiste on its database.
Does Palo Alto Networks URL Filtering solution (PAN-DB) have more than 50 Million classified webistes?
Thanks ver
...
Hello,
I do have 2 Panorama running with 7.1.9. 1 running with M100 physical and another one is VM. Both are having different device group , templete and devices.
I am looking for way to migrate all devices from M100 to VM. Is there any easiest/ safe
...
There is an option for syslog alerting by email in PAN-OS , but even if used only for threats , not traffic, results in way too many emails. I am collecting threat events through Logstash into time series database InfluxDB . My very small program is
...
Dear comm,
when I have several LDAP servers in a profile for user authentication. How is this list utilized? Is only the first entry used? Are authentication requests distributed over all configured servers? How does it work?
Kind regards,
Rene
Hi,
I just cloned a syslog miner, following the guide here:
https://live.paloaltonetworks.com/t5/MineMeld-Articles/Using-the-syslog-Miner/ta-p/77262
I can see the syslog processed counter moving, so looks like syslog forwarding is working. I'm
...
What version of SSL/TLS firewall use when connecting to LDAP Server when we check the SSL checkbox
OtakarKlier
on:
Qualys scanner blocked
OtakarKlier
on:
Palo HA with LACP to Cisco Stack Switch
aleksandar.asta
