Enhanced Security Measures in Place:   To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.

General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
jforsythe by Community Team Member
  • 27 Views
  • 0 replies
  • 0 Likes

GlobalProtect HIP not identifying products.

Hi.

 

I have two different HA-pairs with GP VPN configured on them. I'm trying to get HIP to work on the client, but I'm running into issues.

 

First issue is there are a number of applications we're checking for including Dell Kace and Comodo AV Suite a

...

Group Mapping

 

Included Groups under Group Include list showing full LDAP distinguished name. Would someone be able to advise how to configure a firewall to display "DomainName\GroupName" instead? 

 

Thank you

Marek

 

 

 

Resolved! Upgrade to PAN-OS 8.0.1

Hi everyone,

I Iam about to take the plunge and update from 7.1.7 to 8.1

I have read a few of the guides out there such as :

8.0 upgrade/downgrade considerations

PAN‐OS® 8.0 Release Notes

 

My questions I have are 

1. Do I need to upgrade the global protect

...

Resolved! Authentication seems to be the most difficult task....

No matter how many articles I read or follow I can never get the authentication to work for LDAP. I create the LDAP server profile, create the Auth Profile, then the Auth Seq, add the user account to admins and assign the profile to that user and it

...

AD group.PNG
Auth_Profile.PNG
seq.PNG

Resolved! Panos 8 inbound ssl inspection

Hi

 

I have tried to turn this on and well...

 

My server site has server cert and 1 intermediary cert.

With decryption on it strips the int-ca from the reply ? I find that rather strange why it would do that.

So this makes any request to that site fail

 

 

 

Syslog-ng issue

I have a Kiwi Syslog-ng server reachable from Palo Alto Firewall MGMT interfaces. I generated a Self-signed Cert on PA Firewall and imported that into Windows' store for use in Secure TCP (SSL) communication in kiwi Syslog Server....but the firewall

...

Activate logging

Hi,
I can't view in my Kiwi Syslog the traffic from my outside interface.
In my PA-500 I've enabled SNMP in Device -> Management ->Management Interface Settings -> Permitted SNMP Service.
In Operations -> SNMP Setup -> activeted Use Event-Specific Trap

...

s_quasar by L3 Networker
  • 2694 Views
  • 7 replies
  • 0 Likes

Resolved! Question about Virtual Router and Policy Based Routing

Hi All,

 

We are currently doing the migration from ASA 5550 to PA5020. We have totals of 4 interface in our environment.

 

In ASA the routing is handle by Static route and pretty straight forward.

 

As for Palo Alto, should I combine all the static route

...

PaloAltoRouting.PNG

Microsoft glitch

 

anyone aware of  Minemeld downloading a blank FQDN file then passing it to Palo Alto?

 

for ofcie365, for whatever reason Minemeld is unaware that Microsoft has a glitch and the FQDN file is blank.

 

Would either Minemeld or the Palo Alto’s have a

...

PA-VM Cannot ping eth1/2 internal interface

Hi Guys,

 

I am running a PA VM with a VM-100 license on vmware workstation 12.5. 

 

I have the mgmt interface bridged to my network and can access the PA GUI, CLI and the internet. 

 

For my internal interface i have setup eth 1/2 to vmnet3 and unchecked

...

vmnetcfg_2017-10-22_09-54-29.png
  • 23584 Posts
  • 107 Subscriptions
Labels