About _slv_

_slv_ · ‎04-10-2014

I have 429-2164 update installed, and I expected to sow in thread logs entries with ( threatid eq 36416) - but I haven't such entries. I did some verification test by http://possible.lv/tools/hb/ webpage so in my opinion it should appear in thread logs. Is it normal behaviour? Regards Slawek

_slv_ · ‎04-07-2014

First question, are You able to ping from CLI to your AD servers? if not - You must configure Device>Setup>Services>Service Route Configuration

_slv_ · ‎04-04-2014

I had the same problem as You, please check this Policy with "Log at Session Start" option - how to find it? or even remove loggin on policies for DNS/or any other "good" traffic. Hope it could help You Regards Slawek

_slv_ · ‎04-04-2014

Hi I waiting for 6.0.2 and I realized that veriosn 5.x was released in almost every month, but 6.0.x in every two monts - is this a new practice in PaloAlto? Hopefully that it will be better checked than early 5.0.x version. Regards Slawek

_slv_ · ‎04-02-2014

are You sure? Under portal settings of GlobalProtect / client config / user I can choose from group that I allowed, but there isn't option to exclude one user. I think. As You can see on the picture above why the second line has "user" sigh not the "group" sign? Regards SLawek

_slv_ · ‎04-02-2014

Hi Today I faced with a problem, I had to add second gorup to my "Athentication Profile" and I can't do that... Every time when I try to past a "CN=VPN_users,OU=U,OU=Work Groups,OU=Security,OU=Groups,DC=contoso,DC=local" I got it as a user not a group, why? So finally I added "any" - but in my opinion it's bad idea because I allow all AD users to use GP. Do I am right? I have dubt, how its working.. Why I have first add a group to Device>User Identyfication>Group Mapping settings? So where I should leave "all" and where I should filter groups that are allowed for GP? How (where) to exclude one user from group that is allowed? Regards Slawek

_slv_ · ‎04-01-2014

I had similar problems with our VoIP devices. I still on 5.x PAN and I have Appliction Override for that. TAC told me that my problem will be solved in PAN 6.x. Something similar to VOIP Traffic Disconnects Every 30 Seconds or https://live.paloaltonetworks.com/message/15066#15066 With regards Slawek

_slv_ · ‎04-01-2014

Hello I'm using user ID with agents on DC. Today I got strange problem. I created new user and I try to logon to GP portal and user GP client. Everytime I got in logs invalid username or password. I know: >debug user-id refresh group-mapping all (non-intrusive command) This command will only fetch the delta/ difference value from the active directory > debug user-id reset group-mapping all (intrusive command) but it's for group, this user doesn't belogs to any of mapped group. How to force refresh this user? Regards SLawek

_slv_ · ‎04-01-2014

Hi On 5.0.9 You can use: admin@PA-200> show dhcp server lease ethernet1/4.31 | match committed My question is - is it possible to monitor by SNMP? (on 5.x or 6.x)? Regards Slawek

_slv_ · ‎03-31-2014

Hi According to Operating system Compatibility Windows 8.1 is supported with min v1.2 of GP client. Maybe it's other problem, like GlobalProtect single sign on did not work REgards Slawek

_slv_ · ‎03-31-2014

One more thing, when I had this issue I got email from my PA device with topic: "SYSTEM ALERT : critical : "Disk usage exceeds limit, 100 percent in use, cleaning filesystem"" I have email notification for critical system alerts. Regards Slawek

_slv_ · ‎03-31-2014

Hi What veriosn of PAN are You using? Try this: debug software restart management-server debug software restart vardata-receiver debug software restart log-receiver Regards Slawek

_slv_ · ‎03-28-2014

I'm using scheduled log export by scp. Every log file I can open even in notepad, please read How to Export Logs Scheduled exports You can configure in Device>Scheduled log export. In PAN 5.x You can use scp insted of FTP. Regards SLawek

_slv_ · ‎03-27-2014

On my PA200 it is one of predefined reports:

_slv_ · ‎03-27-2014

I'm not sure that I understud You clearly. Is my policy should be like: This is that what I alredy had. What about "TOP blocked user bahavior"? With Regards Slawek

Member Since	‎06-13-2012 08:35 AM
Date Last Visited
Posts	658
Total Likes Received	97

About _slv_

Re: Captive Portal - Terms of Service

Re: Captive Portal - Terms of Service

Re: Captive Portal NTLM and responce page

Re: Captive Portal - Terms of Service

Captive Portal NTLM and responce page

Re: Captive Portal - Terms of Service

Re: Captive Portal - Terms of Service

Re: Captive Portal - Terms of Service

Re: Captive Portal - Terms of Service

Re: Captive Portal - Terms of Service

Re: Unauthorized DHCP offers

Re: Fragroute Evasion Attack - how to find source process/application?

Captive Portal with Radius and groups of users

Re: How to list url filtering profile using CLI

Re: Unable to download 8.0.6 on PA500

Palo Alto Networks SuperFan Program

Re: ROBOT attack - some advice needed

Re: strange order in definition updates view - PANOS 8.x

Re: AD trouble after installing content version 729

New Global Protect 3.0 is not good enough

Re: OpenSSL Heartbleed bug: CVE-2014-0160

Re: Clientless User-ID problem

Re: Internet logs, backup and review

Re: Is it recommended to upgrade to PAN-OS 6.0.0?, Is it stable?

Re: AD integration and exclude one user

AD integration and exclude one user

Re: MGCP being dropped since upgrading to 6.0.1

AD interation and recently created user - problem

Re: How many DHCP bindings are in use?

Re: Global Protect and Win8.1

Re: Problem with system logs

Re: Problem with system logs

Re: How to open exported logs?

Re: www server in DMZ - what aplication should me allowed?

Re: www server in DMZ - what aplication should me allowed?

Unlock your full community experience!

About _slv_