User ID WiFi and LAN

Hello

Our organisation does not use 802.1x authentication in our environment. We have LAN and WiFi for our employees. We want to implement User ID with PA with AD domains and User ID Agent. However I could not find documentation on User ID behaviour

Blank page when logging into Panorama 7.1.9

Just wondering if anyone else has come across a situation where they were unable to load the Dashboard when logging into Panorama 7.1.9; or is this a one-off issue that only we have hit?

Didn't matter which browser we used (ancient version of Firefox

PAN-OS 7.1 Resource List

Hi,

I am looking to upgrade Panorama and firewalls from version 7.0.8 to version 8.0.2. Is there a requirement to upgrade PA and all firewalls to 7.1.0 prior to moving to 8?

My main concern is if i am able to manage firewalls with 7.0.8 from Panorama

Changing HA Active/Active to Active/Passive

I was wondering if anyone has changed HA from AA to AP and if so were there any problems doing so?  

Thank you 

SYSTEM ALERT : high : Request made to PublicCloud server returned with HTTP response code : 456

After upgrading to PANOS 8.0.2 , I'm seeing the following messages periodically

SYSTEM ALERT : high : Request made to PublicCloud server returned with HTTP response code : 456

Not sure what these mean and not sure where these come from.

Any thoughts?

PA-200 | Auto Shutdown via UPS - USB

I'm wondering if the USB on the face of a PA-200 firewall can be used with a UPS to properly shutdown the firewall in the event of a power outage? If so, how can someone set this up? 

Panorama - 50 user internet usage report

Hello, I have a list of 50 users who I need to run internet usage reports for. Is there a simple way to accomplish this?

I can't do group reporting from Panorama. I dont really have the time to manually run 50 seperate reports.

I can't run the group r

PA-3020 SFP 1000base-bx10

Hello!

Does PA-3020 support ports SFP-modules 1000base-bx10 (wdm 1310/1550nm, SC)?

Thanks

Screwed up management IP

So I was configuring a new PA 200 using an XML file and I screwed up the management IP.  So I logged into what I thought was my new device, but was an existing already operational device and changed only it's management IP without changing default ga

tacacs+ authentication

Hi All,

i need to undersatnd if tacacs+ is cisco properiety , so how come juniper and paloalto use it ?

second question here , tacacs+ used mainly for cisco command authorization , so what is the need for that inside paloalto ?

Rule matching: left-to-right question, unexpected output in traffic log

On PA5050 running 7.1.5, in the monitor:traffic logs section,  traffic that matches interzone default rule shows up as matching the first rule in the list.  The first rule is configured like so:

source zone: any, source address: any, user: any, destin

Adding a Proxy ID member to IPSec Tunnel

I added a single host to an existing tunnel. Does the phase 1 portion of the tunnel need to be restarted to take effect? After I added the new proxy-id 39 - if I run show vpn flow - I see that portion of the tunnel is in "init" phase while all others