USer-id and Group mapping query

Dear Team,

We are using Azure Ad server to integrate with PA.We have configure Azure Saml for authentication of Gp .We need to configure user-based and group based policy foor Gp users through Azure Ad.
We need to integrated user-id agentless or uid ag

Is it "Use Signal Sign-On (Windows)" function work with SAML login for Global Protect?

As I know when SAML login for Global Protect, it will pop-up a login browser unlike other login method.

take Azure AD syn with on-prem AD as a example, 

notebook Window domain login use a on-prem AD (Since Azure AD not support it), but Global Protect

Mitel Phone Mobile App - PAN 10.0.0 PA-3260 can't get it to work

Anyone use Mitel mobility app and working on your Pa-3260?

log-end, log-start disappears at result of show command

Hi

PANOS 8.1.13

At result of show command, in some policy, it is not displayed "log-end" and "log-start" stanza like below test2 policy.
But log-setting is enable. I'm sorry I could not paste hole configuration.
Does it mean that it is impossilbe to lo

XML API - Need to replace services for a security rule via XML api - currently api call is appending new port

Hi - I create a service (tcp-443) and then create a security rule that uses this service as the service member.

This works.

Then, if I call the same API call with the same xpath and provide a different service, say tcp-449, the resulting security rul

Connection between PA-5020 and Cisco 9407

Hi there,

I have 2 sites on 2 different locations. On the first one i have a core router Cisco 9407 and on the other site i have a Firewall PA-5020. Since the ownership of the line between the sites is not ours do you have any suggestions how to conn

DicksSportingGoods Feedback

If you’re questing for a baseball product or cycling accessories, you can assure the goods of **bleep**’S sporting. Are you aware of **bleep**’s?  It’s the biggest provider of athletic types of equipment in the United States, and their shops are scat

Panorama Plugins

hey,

do anyone know if paloalto intends to open the plugins infrastructure so customers can add plugins to enrich panorama functions, menus UI and functions.. like other vendors have ?

Send Cisco ISE RADIUS attributes to Palo Alto to define policy

Hello,

We are running Cisco ISE 2.1 and we use one IP pool for wireless and wired corporate computers.

Is there any way to inform Palo Alto through syslog about users or groups (RADIUS Attributes) so different policies can be finetuned based on the co

Automate Minemeld .lst entries

Needing Automation.  Our Security analysts often send an email with URL(s), IP(s) that need to be Allowed/Blocked.  We have experimented with EDL and Minemeld and are successfully using each.  We are going to consolidate to using only Minemeld for th

Policy Based Forwarding - Enforce Symmetric Return

Dear All,

I integrade PALOALTO to Tacacs+ for authenticator, but I got message error as below

Authentication to TACACS+ server at '192.168.101.46' for user 'user1'
Server port: 49, timeout: 10, flag: 0
Egress: 192.168.101.42
Attempting CHAP authentication

Recent SAML integration with Global Protect

I've recently moved from using RADIUS authentication for Palo Alto and moved authentication over to SAML so I can integrate with Duo Security.  With this change, the domain info is no longer passed by SAML to Global Protect thus breaking several poli

ADFS: Importing XML fails due to buffer size

When I try to import the ADFS XML file into PAN, it fails with an error regarding the buffer being only 10k lines while my import is 10,288 lines.

Anyone have any idea how to fix this?