General Topics
cancel
Showing results for 
Search instead for 
Did you mean: 
General Topics

Forum Posts

Resolved! GlobalProtect, Working from Home, Prisma Access and Covid-19

To all, Just wanted to post a message about the Hot Topic right now, which is Covid-19. With all of this going around, everybody's health and safely is the utmost concern. Keeping your hands clean, washing your hands (A LOT), using hand sanitizers, a...

jdelio by Community Team Member
  • 18312 Views
  • 41 replies
  • 32 Likes

RPC Service

hello everybody,I need to write a rule that allows RPC Service activity for SUN SNMP to DMI mapper daemon.any idea?thanks in advance.

Redundant Site-to-Site VPNs?

I am looking to put in redundant or active/active VPNs.2 of our sites both have 2 ISPs.Currently the VPN works from 1 ISP on each side.Questions:1. Can I have redundant VPNs?2. Can I load share over those?3. Any tips or docs to configure?Other relate...

Resolved! HA configuration & License Expired

Hi,Given a scenario when both HA configured firewalls' license have expired, will my active firewall still fails over to passive firewall in the event of primary firewall failure?thanks,cwong.

cl_wong by Not applicable
  • 1292 Views
  • 3 replies
  • 0 Likes

Mngmt CPU Raises %51

Hi All,My PA5060 mngmt CPU raises %51 around and after a few mins later it goes down to %10 but it's happening oftenlyI think it's not normal and i want to solve this problem or i wanna learn what is/are the reason about this issue. Can anyone help m...

Permit related/inherited applications

Hello,I am looking to build a particular security policy where *all* web browsing is permitted, including any applications that the session gets transitioned to as a a result of App-ID figuring it out. For example, a session may start out as a "web-b...

krhayes by L0 Member
  • 610 Views
  • 2 replies
  • 1 Likes

Resolved! no certificates in the webui but still everything is working

we get the error: Warning: cannot find complete certficate chain for certificate ****we get this error since upgraded, i cannot see any certificate in the webui but everything (global protect and webui) is working.int the export xml i can see those c...

minow by L4 Transporter
  • 771 Views
  • 4 replies
  • 0 Likes

Resolved! VPN SSL traffic

We have a SSL VPN setup through the Global Protect Gateway. The SSL-VPN tunnel is in its own zone and I have an any - any rule for this zone to my trusted zone. I am able to pass traffic to one interface in a trusted zone but I am not able to pass tr...

God by Not applicable
  • 926 Views
  • 9 replies
  • 0 Likes

Resolved! Vulnerability Protection Threat level

I have been trying to figure out if there is away to adjust the Threat level of an event under the Vulnerability Protect.For Example I have set certain vulnerabilities to drop packages but I want to change the threat of it so its no longer a high thr...

murphyj by L2 Linker
  • 637 Views
  • 3 replies
  • 0 Likes

Resolved! Timeout for SSL Decryption Session

Hopefully an easy one, but I can;t seem to find the answer.What is the default timeout for SSL decryption i.e. how long before a user is required to re-accept an opt-out page?And, what is the CLI command to change this?Many Thanks

apackard by L4 Transporter
  • 796 Views
  • 3 replies
  • 0 Likes

Resolved! Multi AD groups for Global Protect access

Hi All,I have a Global Protect access question for group. I have given access rights to a VPN user group and assigned the AD membership that almost all of our staff is a member of to it and its been working well. Now I need to add a second AD securit...

Resolved! vsys cpu

Hi,Can we see how much cpu is used by vsys's ?Thanks

panos by L6 Presenter
  • 776 Views
  • 2 replies
  • 0 Likes

Resolved! session table

Hi,is it possible to use a PAloalto firewall not to keep sessions and works like a non stateful Access Control device.Thanks.

panos by L6 Presenter
  • 638 Views
  • 5 replies
  • 0 Likes

Resolved! non-syn vsys

Hi,is there an option to Set the vsys (not Firewall or zone) to Reject non-Syn First Packet?

panos by L6 Presenter
  • 274 Views
  • 1 replies
  • 0 Likes

LDAP 389 Group Mapping

I am attempting to configure Global Protect to authenticate with our LDAP server. We are an all Linux shop and we are using LDAP 389, which is very similar to OpenLDAP (this is what I was told anyway, I am not much a server guy and don't manage this ...