About Jatin.Singh

We are rolling out GP with SSO with Pre-login using certificates as of last week. The GP agents are connecting at pre-auth and subsequently doing SSO once the user signs in with cached credentials.    After the weekend, we are having multiple users reporting they cannot login.    We are seeing lots of events 'globalprotectportal-auth-fail' with description 'GlobalProtect portal user authentication failed. Login from: 124.189.178.11, Source region: AU,  User name: andrew.gee, Client OS version: Microsoft Windows 10 Enterprise , 64-bit, Reason: Cookie expired, Auth type: cookie.' We have cookie authentication override enabled on both gateway and the portal using the same CA Root, what can be the reason for this error and users not able to login ? ... View more

We are currently attempting to update our globalprotect client on our Palo Alto firewall, a PA-500. The version we are attempting to download is 5.0.8.   Currently when attempting to download we get the following error       Which hasn't given us much indication of what the issue is, and how to rectify it. We have checked the logs in an attempt to find additional information, which has given us the following information   administrator@PA-500> tail follow yes mp-log ms.log 2020-03-19 16:43:01.287 +1100 client dagger reported op command was SUCCESSFUL 2020-03-19 16:43:04.840 +1100 No upload information available sh: -o/tmp/pan/downloadprogress.10006: No such file or directory grep: /tmp/pan/downloadprogress.10006: No such file or directory NO_MATCHES 2020-03-19 16:43:06.623 +1100 Error:  pan_jobmgr_downloader_thread(pan_job_mgr.c:1110): DOWNLOAD job failed NO_MATCHES   We have also tried the following. - Restarting the Management Plane, with no change - Attempted to download PAN-OS 7.1.25 (currently running PAN-OS 7.1.5) which seems to fail with the same message - Changed the Service Route for PA updates to e1/5, with no change. - Tried a tcpdump from the management plane when clicking 'Download' but could not spot the traffic (1x port 443 tcpfump filter, 1x all traffic - pcaps attached)   There doesn't appear to be any dropped sessions in the pcap so we currently don't think it's our upstream firewall. ... View more

Hi Guys, I am just wondering if the following scenario is possible  Load balancing between the two client  VPN Gateways so half the clients connect to one VPN server at site A, and the other half connect to Site B.Palo alto firewalls on both sides. ... View more

We’ve recently upgraded our PAN from 8.0.4 to the latest version (8.1.13) successfully.   Now the issue is that we’ve been getting an email stating that “registering Wildfire Public Cloud has been successfully” every 20 minutes.   Is there a way to make this particular email to stop?   Subject: INV-FW1 - SYSTEM ALERT : medium : Successfully registered to Public Cloud wildfire.paloaltonetworks.com domain: 1 receive_time: 2020/02/28 16:57:28 serial: 012001004743 seqno: 3597815 actionflags: 0x0 type: SYSTEM subtype: wildfire config_ver: 0 time_generated: 2020/02/28 16:57:28 dg_hier_level_1: 0 dg_hier_level_2: 0 dg_hier_level_3: 0 dg_hier_level_4: 0 vsys_name: device_name: INV-FW1 vsys_id: 0 vsys: eventid: wildfire-conn-success object: fmt: 0 id: 0 module: general severity: medium opaque: Successfully registered to Public Cloud wildfire.paloaltonetworks.com   Also I tested the wildfire connection and it is successful.     djthirl@INV-FW1> test wildfire registration This test may take a few minutes to finish. Do you want to continue? (y or n)   Test wildfire Public Cloud           Testing cloud server wildfire.paloaltonetworks.com ...         wildfire registration:         successful         download server list:          successful         select the best server:        panos.wildfire.paloaltonetworks.com ... View more

We are using PANOS 9.1 and latest DNS security. Any thoughts on these errors from proxy log? 172.16.1.1 and 172.16.1.3 are Microsoft AD DNS servers.Can these be effecting performance of traffic?   2020-02-17 08:30:23.583 +1100 Error:  pan_dnsproxy_recv_server_udp_cb(pan_dnsproxy_udp.c:222): [udp]: fd 48 from 172.16.1.1 to 0.0.0.0 process server failed! 2020-02-17 08:30:24.490 +1100 Error:  pan_dnsproxy_process_server_pkt(pan_dnsproxy_pkt.c:1491): [DNS Proxy/21572/12452/-]:[Drop Rcvd Server Pkt]: invalid UDP socket! 2020-02-17 08:30:24.490 +1100 Error:  pan_dnsproxy_recv_server_udp_cb(pan_dnsproxy_udp.c:222): [udp]: fd 56 from 172.16.1.1 to 0.0.0.0 process server failed! ... View more