General Topics

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource

LIVEcommunity is thrilled to introduce its new Support FAQ section, designed to help Palo Alto Networks customers quickly resolve their common queries.

You'll find this new area under the Articles section of the main menu:

Our goal is simple:

...

Has anyone got RSA Radius groups to work without adding the dictionary to radius server?

Hi,

Has anyone got RSA Radius groups to work without adding the dictionary to radius server?

https://live.paloaltonetworks.com/t5/Tech-Note-Articles/RADIUS-Dictionary/ta-p/53745

Thanks

Resolved! Has anyone gotten GP user-logon (ALWAYS on) and OTP working together?

Hi,

Has anyone gotten GP user-logon (ALWAYS on) and OTP working toghther?

Thanks

Resolved! Discerpency between Panorama and Acutal Devce

Why i shtat under Panorama-->Device Deploment -->License it show one of my firewall pairs support license expired 10/31/17 but on actual device its expires in 2020 which is correct

Traffic map Zoom?

A lot of my traffic will be limited to a 200 Mile radius of our main site?

The traffic map zoom is so limited that I just have a huge blob over the whole of the UK,

How can I get zoomed in further??

Thanks

Rob

Resolved! Query on HA config

Hello,

The ethernet 1/5 on the PAN device Node 1 is not in use hence left it blank on Node 2.
The ethernet 1/7on both the nodes will be the HA link, which will be configured.
Is the below configuration correct to setup a HA, during the failover from n

...

Resolved! GP Internal Host Detection not Working

To start off...

I have already read this.

https://live.paloaltonetworks.com/t5/Management-Articles/GlobalProtect-not-Detecting-Internal-Network-with-Internal-Host/ta-p/53681

I'll start off with the whole story. We have 2 ISP's, setup to our PA-50

...

SSL Decryption PA-VM

I have configured SSL Decryptuion as mentioned in:

https://live.paloaltonetworks.com/t5/Configuration-Articles/How-to-Implement-and-Test-SSL-Decryption/ta-p/59719

But no https site is working properly, all of them are giving errors:

Moreover in Wire

...

Resolved! When did the Global Protect User Connect or Disconnect?

How can I look up when all a Global Protect user connected and disconnected from a PAN firewall? Thank you.

URL filtering based on source IP?

Is this possible? I assume it is but not sure how to allow it while applying all the other policies I already have in place across the board.

Resolved! Can PAN-OS prevent user download/upload specific file size?

Dear all,

I want to limit the file size user can download/upload, for example prevent user from download/upload file larger than 100MB

How can I do it? Thank in advance.

Resolved! Ignoring stateful Inspection - Asymetrical Routing

Hi all

In asymetrical routing scenario where return packets arrive on different interface, is there a feature in Palo to accept the flow?.

Many thanks

Ajaz Nawaz

CCIE RS #15721

JNCIE-SEC #254

ubuntu and global protect

Is it possible to use the globalprotect client on an ubuntu machine?

Resolved! What is the correct way to send all traffic to the virtual firewall?

Hello, good morning,

I plan to purchase the product vm100 (kvm), to have a virtualized firewall on a dedicated server.

In the same rack will have other servers connected to a switch.

I wonder, what would be the right way to pass all incoming and outg

...

Resolved! FTP traffic denied with Strange behaviour

This is my rule:

The traffic is allowed, however suddenly the traffic will be denied and starts working after some time:

Please refer the logs:

The same traffic ( same porta and destination ) which was allowed suddenly denied in firewall.Data lane CPU

...

Can I use SSO using user account information (cert + user creds) on MAC for user-logon global prote

Hi,

Can I use SSO using user account information (cert + user creds) on MAC for user-logon global protect? Also on Windows when Windows credentials for SSO can I use any type of authenication profile such as radius. How does this work with Radius? W

...

Discussions

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource

Has anyone got RSA Radius groups to work without adding the dictionary to radius server?

Resolved! Has anyone gotten GP user-logon (ALWAYS on) and OTP working together?

Resolved! Discerpency between Panorama and Acutal Devce

Traffic map Zoom?

Resolved! Query on HA config

Resolved! GP Internal Host Detection not Working

SSL Decryption PA-VM

Resolved! When did the Global Protect User Connect or Disconnect?

URL filtering based on source IP?

Resolved! Can PAN-OS prevent user download/upload specific file size?

Resolved! Ignoring stateful Inspection - Asymetrical Routing

ubuntu and global protect

Resolved! What is the correct way to send all traffic to the virtual firewall?

Resolved! FTP traffic denied with Strange behaviour

Can I use SSO using user account information (cert + user creds) on MAC for user-logon global prote

Template- Variable CSV greyed out

Can't find the "Republic of Kosovo" in the "Firewall Region Code Legend"

Device - certificate based authentication

Failover IPSEC tunnels with tunnel monitor keeps both tunnels active

Wildcard URL for Non-HTTP/HTTPS traffic

Re: Allow all web addresses with .gov and .edu extensions

Re: Wildcard URL for Non-HTTP/HTTPS traffic

Re: Howto delete sub-interace from cli

Re: SSL Inspection issues with GlobalProtect users

Re: What is still missing or needs to be improved in PA Next Generation Firewalls ?

Unlock your full community experience!

Resolved! Has anyone gotten GP user-logon (ALWAYS on) and OTP working together?

Resolved! Discerpency between Panorama and Acutal Devce

Resolved! Query on HA config

Resolved! GP Internal Host Detection not Working

Resolved! When did the Global Protect User Connect or Disconnect?

Resolved! Can PAN-OS prevent user download/upload specific file size?

Resolved! Ignoring stateful Inspection - Asymetrical Routing

Resolved! What is the correct way to send all traffic to the virtual firewall?

Resolved! FTP traffic denied with Strange behaviour