General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Intermittent Aged-Out Traffic

I am hitting an issue where sessions are ending for the reason "aged-out".  Go figure the problem doesn't present itself readily when I have Support on the line.

 

The Setup: I have two ISPs.  One (I'll call it SummitNet) is an asymmetrical 30Mbps up /

...

Youtube Aged Out.PNG

ASA 5510 VPN

I want to replace a IKE1 VPN serviced by a ASA 5510 with a  IKE2 VPN serviced by the palo alto what i the best approach?

jdprovine by L4 Transporter
  • 4781 Views
  • 16 replies
  • 0 Likes

Cisco SFP+ Twinax Copper Cables to PA-5050

Hello.

Has anyone tried connecting Cisco SFP+ Twinax Copper Cables (sfp-h10gb-cu1m) to PA-5050 device? I've tried to find some info about it on PA KB but wasn't successful. Is there any document issued by PA listing all the supported 3rd party devices

...

santonic by L6 Presenter
  • 9675 Views
  • 6 replies
  • 0 Likes

Hub and Spoke IPsec VPN design with Dynamic Routing

Looking to properly setup Dynamic Routing over a hub and spoke IPsec VPN network. The hub will have 40-50 spokes.  The Hub is running a PA-820.  Spokes will be PA-220.  Voice and data traffic.  There will be minimal traffic between spokes.  My questi

...

Global protect users dont pass authentication

Hello all

we have PA in production.The problem is VPN users dont pass by certain authentication profile.The issue is that when we point user it is ok but when we point some group it fails to authenticate

we test through CLI and that is result

 

test auth

...

Radmin_85 by L4 Transporter
  • 1759 Views
  • 1 replies
  • 0 Likes

Very Slow Commits

Anyone who's used Palo's since the early days may roll their eyes at this question..!

 

We have a bunch of 3020's and one can take an age to perform commits; for example this morning we performed 4 - the first 2 took <30 seconds, the 3rd took >10 minut

...

apackard by L4 Transporter
  • 2250 Views
  • 3 replies
  • 0 Likes

UserID Reporting Computer Names

Quick question.

 

We are having some issues where a users' computer name i.e. acme\pc01$ is being reported by UserID rather than the user i.e. acme\jbloggs.

 

Anyone seen this before and\or advice what it could be?

 

We have a horendously complicated UserI

...

apackard by L4 Transporter
  • 5135 Views
  • 8 replies
  • 0 Likes

Kerberos SSO with Globalprotect and User-Logon

Hi Community,

 

I have a strange problem with Kerberos SSO and Globalprotect 4.0.7:

I set up Kerberos SSO and the SSO is working.

If you connect to the Globalprotect-Portal via browser, you directly get a Kerberos ticket and the SSO works.

 

If you logout

...

Chacko42 by L4 Transporter
  • 2129 Views
  • 1 replies
  • 0 Likes

Resolved! virutal router and ipsec settings for vsys admin

Dear All,

               We created a seprate vsys and assigned l3 interfaces and virtual router for a vsys. But vsys admin which is assigned for it is unable to view virutal router tabs and ipsec configuration tabs.

 

We want this vsys should be handle

...

WildFire API with WebRequest

Hi Everyone,

 

I am trying to use WebRequest (microsoft .net ) class to  get report about a sample via WildFire API. The only thing I got is an error "(420) insufficient arguments". In my posted data, the apikey, hash and format are all included. Is th

...

Resolved! PAN OS 7.1 Dynamic Scheduled Update Failing

Hi Everyone,

 

I have recently started to help a team support our Palo Alto's and was tasked to get our Panorama Server to push dynamic updates out to our Firewalls (PA 3050). Originally we had the individual firewalls setup to update themselves, but w

...

9sobey by L0 Member
  • 1975 Views
  • 1 replies
  • 0 Likes

Resolved! Wildfire API

i am working on paloalto VM version 5.0.6 and tying to read reports from wildfire with the help of API using cURL.

i am pulling the report on the basis of "device_id" and "report_id" but getting error.

curl -i -k -F device_id=[SERIAL NUMBER] -F report_

...

Resolved! General Interface status?

Hi folks,

 

We have a PA-200 over in London (on the recall list) that get complaints that the internet has intermittent connectivity issues.

Everytime I login to it, the interface (1/1) is up, green, and no indication of a problem.

 

Other than contacting

...

OMatlock by L4 Transporter
  • 2838 Views
  • 4 replies
  • 0 Likes

User activity report

Hi Team,

 

Customer trying to utilize Palo Alto to generate user activity reports that show detailed web browsing. I understand from other articles (https://www.paloaltonetworks.com/documentation/80/pan-os/pan-os/monitoring/view-and-manage-reports/gene

...

sprabhu by L3 Networker
  • 1619 Views
  • 1 replies
  • 0 Likes
  • 24191 Posts
  • 101 Subscriptions
This widget could not be displayed.
Top Solution Authors
Top Liked Authors
Labels