This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
For details on cookie usage on our site, read our Privacy Policy
About slawek.kunach
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- LIVEcommunity
- About slawek.kunach
03-14-2018
27Posts
2Likes
1Solution
Mar 14, 2018Last Visited
User
Activity
User
Profile
Latest posts by slawek.kunach
| Subject | Views | Posted |
|---|---|---|
| 1248 | 08-21-2012 07:47 AM | |
| 2941 | 08-14-2012 09:05 AM | |
| 5752 | 08-10-2012 12:45 AM | |
| 3099 | 08-10-2012 12:21 AM | |
| 6065 | 08-10-2012 12:19 AM | |
| 3771 | 08-09-2012 01:18 AM | |
| 6747 | 08-01-2012 01:57 AM | |
| 1676 | 07-25-2012 08:57 AM | |
| 1741 | 07-25-2012 05:06 AM | |
| 2215 | 07-25-2012 01:19 AM |
My Liked Posts
| Subject | Likes | Posted |
|---|---|---|
| 1 Like | 08-14-2012 09:05 AM | |
| 1 Like | 08-10-2012 12:45 AM |
User Badges
Community Statistics
| Member Since | 10-29-2009 10:28 AM |
| Date Last Visited | 03-14-2018 01:38 PM |
| Posts | 27 |
| Total Likes Received | 2 |
08-21-2012
07:47 AM
Quick question that may have an even quicker answer. Is there any functionality to monitor users web browsing history through a Palo Alto 2020 box? And if the answer is yes then is there any functionality to perform traffic shaping? And I don't just mean block/allow, but I mean throlling if say for instance it is a youtube video or hotmail, then it would give that data a lower priority for instance?
... View more
08-14-2012
09:05 AM
1 Kudo
I have done just that and opened a support case now. They have got me looking at the show system resource in there and although yes, it isn't as high as it was showing in the web interface (was showing as never dipping below 45%), it is still constantly going quite high. I have a second PA box and even when I was running it all through that one the resources were not showing as high usage. But like I said, I have logged it with my support team so hopefully we will get to the bottom of it. Many thanks for all those who offered advice.
... View more
08-10-2012
12:45 AM
1 Kudo
One thing that I have noticed different on your configuration is that the Bind DN in the LDAP server profile. I put it in the format domain\administrator and then put in the admin password below it. Not sure if it would work for you but worth a shot. I think there was a command you can use to check user groups, but I can't remember off the top of my head. I will see if I can dig it up for you.
... View more
08-10-2012
12:21 AM
Currently running V 4.1.6. Although the same problem was happening when I was running V 4.1.3
... View more
08-10-2012
12:19 AM
Setting the LDAP server profile and then the group mappings seems to have solved my problem. Thanks everyone.
... View more
08-09-2012
01:18 AM
I have noticed that one my PA 2020 boxes constantly has a very high Management CPU usage. Like now for instance where nobody apart from myself is logged onto it and I am not doing anything apart from just sitting on the dashboard, with my refresh set to manual as well, and the management CPU is sitting at 47%. During the daytime when 1 other Admin might be logged on if we are doing anything with the box that will go up to around 85 or even 100%. Is this normal? I have a second PA 2020 box that is used for checking upgrades but I had it online for a few weeks up til last week and I don't think I ever saw it go as high as that in the management CPU. Although it does have a slightly bigger hard drive on it which may or may not account for that.
... View more
08-01-2012
01:57 AM
Hi, For some reason my Palo Alto 2020 has stopped recognizing rules that are applied to AD user groups. My 2 User ID agents are running on the Domain controllers and are showing green on my Palo Alto box. It works if I apply the rule to a specific AD user, so I know it is able to communicate with the ID agent otherwise it wouldn't register the user as logged on. It also lets me add the AD user group to a rule so it must be discovering the groups somehow. But when it comes to the web browsing rule, in this example, it doesn't apply the rule that is set for a user group. The only thing different was that I moved a server into a different ip range last night and changed the necessary security and NAT rules. Although the network range that is being affected I didn't touch at all and didn't make any changes to point to or away from that range either, or the range it points to. Any ideas? Is there anything I can look at on the ID agent to see why it would not be applying rules to AD groups?
... View more
- Tags:
- identification
Labels:
- Labels:
-
Networking
-
User-ID
07-25-2012
08:57 AM
Managed to sort it. The site needed it's own application created allowing it to upload and download to that specific site.
... View more
07-25-2012
05:06 AM
Hi, I have a bit of a strange one hence the strange question. I have a user who wants to upload files to a company's sharepoint website. Now as my rules stand currently they are not allowed to upload or use certain web applications. I tried making a custom rule just for testing purposes on a machine with the same ip range as the user in question and with the same rules being applied. The custom rule allowed them to use Application WebDav (as this is the one that seems to be blocked when uploading multiple files, which is what the user needs to do) and to allow the traffic through. What is strange though is that when I look at the logs, even though it then allows my test computer to upload, it doesn't show on the logs as using that custom rule. I know it is the rule that must be allowing it because as soon as I disable or remove that custom rule it stops working. Hence my question. Can 1 bit of traffic use 2 or more security rules and therefore only show the first rule used in the logs> Otherwise I am not sure why this rule allows it to upload, but is not showing as being used. If anyone else has had issues allowing uploads to sharepoint i would appreciate hearing your thoughts.
... View more
07-25-2012
01:19 AM
Yes, that seems to have sorted it all for me. Thanks Marco.
... View more
07-23-2012
09:19 AM
Just testing it out now. Having found the User-ID service and made that change it now lets me install. So that is a step in the right direction. Although now it is not letting me start the service. I'll continue to play around with it and let you know, but at least it is not refusing to install.
... View more
07-23-2012
03:35 AM
Oh and have also tried removing the registry key as described in Before re-installing the latest version. Which didn't work either.
... View more
07-23-2012
03:32 AM
We currently have User ID agent 3.1.2 installed on my 2 domain controllers and I am trying to upgrade them to V 4.1.4-3. Every time I try to install it I get it failing to install. I get the errors below in the logs. 07/23/12 10:57:55:960[ Info 1775]: UA: service is already stopped. 07/23/12 10:57:56:038[Error 1374]: Start service fails with error 1069!!!! 07/23/12 10:57:56:038[Error 1780]: UA: Start service fails with error 3! I have tried leaving the old version on and installing, removing the old version first then installing, I have also checked this suggestion https://live.paloaltonetworks.com/docs/DOC-3233 But still having the same problem. It allows me to re-install PA User-ID agent 3.1.2 but not any of the V4 installs. Any ideas?
... View more
07-16-2012
12:50 AM
I wonder if anyone might be able to tell me how long the ARP table timeout on a PA 2020 might be.
... View more
06-22-2012
04:46 AM
Ah ha. Thats the one. Thanks, I managed to export the rules doing it that way.
... View more
LEGAL NOTICES
Copyright 2007 - 2023 - Palo Alto Networks