This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Integration Discussions
This forum was created for Palo Alto Networks partners and customers to collaborate on topics related to integrating Palo Alto Networks products.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Integration Discussions
This forum was created for Palo Alto Networks partners and customers to collaborate on topics related to integrating Palo Alto Networks products.
About Integration Discussions
This forum was established for Palo Alto Networks partners and customers to collaborate on topics related to integration on the Palo Alto Networks products.

To start a new topic, simply click "New Message" below.

Discussions

Start a conversation

User-ID mapping integration for Multi-Domain AD server

Hi All, We are using windows based User-ID agent on Palo alto firewall for user-id mapping. We have an existing setup with AD domain abc.com for which the User-ID mapping is implemented on PA Firewall and User ID agent is installed on the abc.com domain controller and it is working fine without any issues. Now we are creating an completely new s...

Issue | "Nist NVD" Integration is not working

Hi, We have an issue with "Nist NVD" integration.When I click the command "!Nvd-search-keyword" we are getting the following message:"{" message ":" Both modStartDate and modEndDate are required when either is present. "}" The integration was published by: "Murat Ozfidan" and supported by "Community".Does anyone have an issue and can help? Thank...

Migrating fortinet 100D to Palo Alto 850

Hi, i am migrating fortinet 100D to Palo alto 850 appliance. Current below is the configuration we have in fortinet, wanted to know the same can be achieved in Palo atlo 1. wan link is ADSL-(dynamic IP- PPOE)2. Branch locations also has WAN- ppoe link, currently from HO to branch established IPSEC vpn on FQDN both ends.3. fortiguard DDNS configu...

How to monitor pa firewall packets rate via snmp ?

Hi Everyone, I would like to get the pa firewall packets rate via snmp monitor, however I can not find any snmp-mib description about it. I lookup paloalto networks Enterprise SNMP MIB Files for PANOS 10.0 & 10.1, but no any finding. Is it possible to get pa firewall packets rate via snmp mib ? or not ? Thanks. Regards,Joy Liu

Blue Coat Policy Import to Palo Web Filter

Hello I am looking to find the best way to migrate a blue coat policy to PAN OS 8.1. I am assuming it will need to be exported to xml then imported to the cli? I am sure some tweaking will need to be done. If anyone knows of a tool please let me know. THank you everyone.

Authentication of admin for the NGFW firewall through TACAS+ Server

Hi All, We are using TACAS+ Server profile(integrated with Cisco ISE) for authentication of our admin users. Both the username and password authentication from Firewall admin users are done through TACAS Server auth profile. On firewall we are having two locally created two super user admins. When an admin with super user access is authenticated...

Add Vm 100 palo alto machin (dr site) to a Panorama to the same device group and template (main Site)

heyso i have main site and dr site and they are connected in L2i have in the main site 2 physical pa3220 that there are in cluster (active, passive) and they connected to Panorama and they work perfect now i need to add the Palo Vm 100 machine that is in the dr site but i want that in the end every change that i will do in the main sitelike add ...

USer-id and Group mapping query

Dear Team,We are using Azure Ad server to integrate with PA.We have configure Azure Saml for authentication of Gp .We need to configure user-based and group based policy foor Gp users through Azure Ad.We need to integrated user-id agentless or uid agent and group mapping.IS it poosible to integrate with Azure AD.Note - We dont have on premise AD...

Is it "Use Signal Sign-On (Windows)" function work with SAML login for Global Protect?

As I know when SAML login for Global Protect, it will pop-up a login browser unlike other login method. take Azure AD syn with on-prem AD as a example, notebook Window domain login use a on-prem AD (Since Azure AD not support it), but Global Protect use a Azure AD for SAML.Two AD (on-prem vs Azure) will not the exactly same domain even it is syn...

JoeKwok by L2 Linker
  • 2099 Views
  • 0 replies
  • 0 Likes

log-end, log-start disappears at result of show command

Hi PANOS 8.1.13 At result of show command, in some policy, it is not displayed "log-end" and "log-start" stanza like below test2 policy.But log-setting is enable. I'm sorry I could not paste hole configuration.Does it mean that it is impossilbe to logging to Traffic_log file? snip:set vsys vsys2 rulebase security rules test1 log-start noset vsys...

kjkjkj by L0 Member
  • 2558 Views
  • 1 replies
  • 0 Likes

Resolved! App-ID : Allow all SSL based apps in a security policy (google, amazon, ...)

Hello Community, A bit of context :- we have a server that queries external websites- we allowed the "ssl" app from this server to the outside world- we discovered that some of the trafic originated by this server was dropped because of the firewall detecting it as a specific application, not "ssl" I understand that this behaviour is intended an...

Resolved! Cannot integrate with AD Server

I am trying to integrate PA firewall with newly installed Active Directory server (windows server 2019) but it is not connecting. I get the error Failed to connect to 10.x.x.x(10.x.x.x):389 and the server monitoring status says host unreachable. The group mapping, group include list does not populate as the firewall has not made connection yet...

Grekko by L1 Bithead
  • 9884 Views
  • 3 replies
  • 0 Likes

XML API - Need to replace services for a security rule via XML api - currently api call is appending new port

Hi - I create a service (tcp-443) and then create a security rule that uses this service as the service member. This works. Then, if I call the same API call with the same xpath and provide a different service, say tcp-449, the resulting security rule has *both* tcp-443 and tcp-449 in the Service column: First call is <service>["tcp-443"]&...

  • 77 Posts
  • 27 Subscriptions
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks