This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
For details on cookie usage on our site, read our Privacy Policy
About fmurray
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- LIVEcommunity
- About fmurray
05-10-2019
9Posts
1Like
0Solutions
May 10, 2019Last Visited
User
Activity
User
Profile
Latest posts by fmurray
| Subject | Views | Posted |
|---|---|---|
| 2118 | 03-01-2019 11:49 AM | |
| 1764 | 02-22-2018 05:28 PM | |
| 4372 | 01-29-2018 06:18 PM | |
| 5233 | 01-12-2017 03:26 PM | |
| 1453 | 12-05-2016 02:09 PM | |
| 2112 | 05-27-2016 11:07 AM | |
| 4243 | 03-04-2015 11:55 PM | |
| 4242 | 03-04-2015 11:42 AM | |
| 4274 | 03-04-2015 11:34 AM |
My Liked Posts
| Subject | Likes | Posted |
|---|---|---|
| 1 Like | 01-29-2018 06:18 PM |
User Badges
Community Statistics
| Member Since | 03-04-2015 11:21 AM |
| Date Last Visited | 05-10-2019 08:24 PM |
| Posts | 9 |
| Total Likes Received | 1 |
03-01-2019
11:49 AM
Currently we forward nearly all of the firewall's logs to our syslog server, but the amount of irrelevant minutiae is over-whelming the syslog server. Is there a best-practice for what information should be forwarded to syslog? I don't want to miss anything important but I ready want to eliminate the un-important. Thanks
... View more
- Tags:
- best practice
- syslog
02-22-2018
05:28 PM
Hi For traffic that matches the intrazone default policy, and assuming there are no security profiles for anti-virus, anti-malware, threat protection. etc, Is there any inspection performed? Reason I ask- I found an article on the Knowledge base about increasing performance for SMB traffic by enabling an application override for the traffic. Would application override have any effect on this traffic? Thanks
... View more
01-29-2018
06:18 PM
1 Kudo
Curious to see if there's some group concensus on how many firewalls an organization needs to have before the cost of Panorama is justified? Right now we have two H.A. pairs (four total) and im not sure Panorama would make life that much easier. Thanks for your input.
... View more
01-12-2017
03:26 PM
WE have a problem with globalprotect- The users sometimes need to disable the globalprotect client in order to connect to another VPN. Later when the globalprotect client is re-enabled, any attempt to authenticate immediately returns a username/password invalid error. If the user reboots the computer, the globalprotect client works first try. Some users have the same problem if their computer goes into sllep mode- after waqking the computer up, the authentication fails until the computer is restarted. After that it works fine. Any ideas? Here's log before reboot: 2017-01-12 14:26:23.046 -0800 debug: pan_auth_request_process(pan_auth_state_engine.c:1540): Receive request: msg type PAN_AUTH_REQ_REMOTE_INIT_AUTH, conv id 79, body length 2156 2017-01-12 14:26:23.046 -0800 debug: pan_auth_request_process(pan_auth_state_engine.c:1563): Trying to authenticate: <profile: "Remote_ail(pan_auth_util.c:921): "fmurray" is a non-admin user with auth profile "Remote_Acess_Sequence" and vsys "vsys1" 2017-01-12 14:26:23.046 -0800 debug: _get_authseq_profile(pan_auth_util.c:809): Auth profile/vsys (Remote_Acess_Sequence/vsys1) is auth sequence 2017-01-12 14:26:23.046 -0800 debug: _populate_authseq_auth_vec_n_vsys_vec(pan_auth_util.c:756): auth sequence "Remote_Acess_Sequence" enabled flag: use-domain-find-profile2017-01-12 14:26:23.046 -0800 debug: _has_domain_in_request(pan_auth_util.c:692): Extracted domain info "coanaheim" from user name "fmurray" 2017-01-12 14:26:23.046 -0800 debug: _get_auth_prof_id_in_seq_by_domain(pan_auth_util.c:726): Extracted domain info "coanaheim" from user input = user domain of profile/vsys: "RemoteAccess-LDAP/vsys1" in auth sequence 2017-01-12 14:26:23.046 -0800 debug: pan_auth_request_process(pan_auth_state_engine.c:1616): Using auth seq, saving original username fmurray from request 2017-01-12 14:26:23.047 -0800 debug: pan_auth_cache_user_is_allowed(pan_auth_cache_allowlist_n_grp.c:260): This is a single vsys platform, group check for allow list is performed on "vsys1" 2017-01-12 14:26:23.047 -0800 debug: pan_auth_cache_user_is_allowed(pan_auth_cache_allowlist_n_grp.c:263): user "fmurray" is a member of group "cn=domain users,cn=users,dc=anaheim,dc=intranet" on single vsys 2017-01-12 14:26:23.047 -0800 debug: pan_auth_cache_user_is_allowed(pan_auth_cache_allowlist_n_grp.c:271): user "fmurray" is in allow list of auth prof/vsys "RemoteAccess-LDAP/vsys1" 2017-01-12 14:26:23.047 -0800 debug: pan_allowlist_request_process(pan_auth_allow_lock.c:87): user "fmurray" is a member of "cn=domain users,cn=users,dc=anaheim,dc=intranet" in allow list of auth prof "RemoteAccess-LDAP" 2017-01-12 14:26:23.047 -0800 debug: _authenticate_by_localdb_or_remote_server(pan_auth_state_engine.c:1068): Authenticating user "fmurray" with <profile: "RemoteAccess-LDAP", vsys: "vsys1">, which is Auth Profile 1 of 2 in <sequence "Remote_Acess_Sequence", vsys "vsys1"> 2017-01-12 14:26:23.047 -0800 debug: pan_auth_service_get_svr_ids(pan_auth_service.c:630): find auth server id vector for RemoteAccess-LDAP-vsys1 2017-01-12 14:26:23.047 -0800 debug: _get_AD_maxPwdAge(pan_authd_shared_ldap.c:658): getting maxPwdAge attr from AD with LDAD pointer = 0x9843eb0... 2017-01-12 14:26:23.048 -0800 debug: _parse_ldap_search_result(pan_authd_shared_ldap.c:386): DN in entry DC=anaheim,DC=intranet 2017-01-12 14:26:23.048 -0800 debug: _process_user_info(pan_authd_shared_ldap.c:294): found LDAP attribute: maxPwdAge 2017-01-12 14:26:23.048 -0800 debug: _process_user_info(pan_authd_shared_ldap.c:330): AD : Got value maxPwdAge : 77760000000000 2017-01-12 14:26:23.048 -0800 debug: pan_authd_ldap_authenticate(pan_authd_shared_ldap.c:965): searching basedn "DC=anaheim,DC=intranet " for filter "(sAMAccountName=fmurray)", attrs "framedIPAddress", LDAPp=0x9843eb0 2017-01-12 14:26:23.048 -0800 Error: _send_async_ldap_search(pan_authd_shared_ldap.c:629): Failed to search. filter (sAMAccountName=fmurray), attr[0] framedIPAddress. error code: -7, (Bad search filter) 2017-01-12 14:26:23.048 -0800 Error: pan_authd_ldap_authenticate(pan_authd_shared_ldap.c:971): send userdn search request 2017-01-12 14:26:23.048 -0800 Error: _start_sync_auth(pan_auth_service_handle.c:578): sync request for user "fmurray" is fai led or possibly timed out against 172.20.1.36:389 with 0th VOIDp=0x9843eb0 2017-01-12 14:26:23.048 -0800 debug: pan_auth_response_process(pan_auth_state_engine.c:2337): auth status: auth state unknown 2017-01-12 14:26:23.048 -0800 debug: pan_auth_response_process(pan_auth_state_engine.c:2470): Auth sequence, start to try next auth profile: <profile: "PD_RemoteAccess-LDAP", vsys: "vsys1"> for user "fmurray" 2017-01-12 14:26:23.048 -0800 debug: pan_auth_request_process(pan_auth_state_engine.c:1540): Receive request: msg type PAN_AUTH_REQ_REMOTE_INIT_AUTH, conv id 79, body length 2156 2017-01-12 14:26:23.048 -0800 debug: pan_auth_request_process(pan_auth_state_engine.c:1556): Using auth sequence, copying original username fmurray into request 2017-01-12 14:26:23.048 -0800 debug: pan_auth_request_process(pan_auth_state_engine.c:1563): Trying to authenticate: <profile: "Remote_Acess_Sequence", vsys: "vsys1", username "fmurray"> 2017-01-12 14:26:23.048 -0800 debug: _get_auth_prof_detail(pan_auth_util.c:921): "fmurray" is a non-admin user with auth profile "Remote_Acess_Sequence" and vsys "vsys1" 2017-01-12 14:26:23.049 -0800 debug: pan_auth_cache_user_is_allowed(pan_auth_cache_allowlist_n_grp.c:260): This is a single vsys platform, group check for allow list is performed on "vsys1" 2017-01-12 14:26:23.049 -0800 debug: pan_auth_cache_user_is_allowed(pan_auth_cache_allowlist_n_grp.c:263): user "fmurray" is a member of group "cn=domain users,cn=users,dc=anaheim,dc=intranet" on single vsys 2017-01-12 14:26:23.049 -0800 debug: pan_auth_cache_user_is_allowed(pan_auth_cache_allowlist_n_grp.c:271): user "fmurray" is in allow list of auth prof/vsys "PD_RemoteAccess-LDAP/vsys1" 2017-01-12 14:26:23.049 -0800 debug: pan_allowlist_request_process(pan_auth_allow_lock.c:87): user "fmurray" is a member of "cn=domain users,cn=users,dc=anaheim,dc=intranet" in allow list of auth prof "PD_RemoteAccess-LDAP" 2017-01-12 14:26:23.049 -0800 debug: _authenticate_by_localdb_or_remote_server(pan_auth_state_engine.c:1068): Authenticating user "fmurray" with <profile: "PD_RemoteAccess-LDAP", vsys: "vsys1">, which is Auth Profile 2 of 2 in <sequence "Remote_Acess_Sequence" , vsys "vsys1"> 2017-01-12 14:26:23.049 -0800 debug: pan_auth_service_get_svr_ids(pan_auth_service.c:630): find auth server id vector for PD_RemoteAccess-LDAP-vsys1 2017-01-12 14:26:23.049 -0800 debug: _get_AD_maxPwdAge(pan_authd_shared_ldap.c:658): getting maxPwdAge attr from AD with LDAD pointer = 0xeeb04248... 2017-01-12 14:26:23.051 -0800 debug: _parse_ldap_search_result(pan_authd_shared_ldap.c:386): DN in entry DC=pd,DC=anaheim,DC=intranet 2017-01-12 14:26:23.051 -0800 debug: _process_user_info(pan_authd_shared_ldap.c:294): found LDAP attribute: maxPwdAge 2017-01-12 14:26:23.051 -0800 debug: _process_user_info(pan_authd_shared_ldap.c:330): AD : Got value maxPwdAge : 77760000000000 2017-01-12 14:26:23.051 -0800 debug: pan_authd_ldap_authenticate(pan_authd_shared_ldap.c:965): searching basedn "DC=pd,DC=anaheim,DC=intranet" for filter "(sAMAccountName=fmurray)", attrs "framedIPAddress", LDAPp=0xeeb04248 2017-01-12 14:26:23.051 -0800 Error: _send_async_ldap_search(pan_authd_shared_ldap.c:629): Failed to search. filter (sAMAccountName=fmurray), attr[0] framedIPAddress. error code: -7, (Bad search filter) 2017-01-12 14:26:23.051 -0800 Error: pan_authd_ldap_authenticate(pan_authd_shared_ldap.c:971): send userdn search request 2017-01-12 14:26:23.051 -0800 Error: _start_sync_auth(pan_auth_service_handle.c:578): sync request for user "fmurray" is failed or possibly timed out against 10.2.32.121:389 with 0th VOIDp=0xeeb04248 2017-01-12 14:26:23.051 -0800 debug: pan_auth_response_process(pan_auth_state_engine.c:2337): auth status: auth state unknown 2017-01-12 14:26:23.051 -0800 debug: pan_auth_response_process(pan_auth_state_engine.c:2479): Auth sequence, all auth profiles tried and failed: <sequence profile: "Remote_Acess_Sequence", vsys: "vsys1"> for user "fmurray" 2017-01-12 14:26:23.051 -0800 failed authentication for user 'fmurray'. Reason: Invalid username/password auth profile 'Remote_Acess_Sequence', vsys 'vsys1', server profile 'PD_SSL_VPN_PRIFILE', server address '10.2.32.121', From: 70.197.73.40. 2017-01-12 14:26:23.051 -0800 debug: _log_auth_respone(pan_auth_server.c:240): Sent FAILED auth response for user 'fmurray' (exp_in_days=-1 (-1 never; 0 within a day)) Here's the log after reboot: 2017-01-12 14:30:03.532 -0800 debug: pan_auth_request_process(pan_auth_state_engine.c:1540): Receive request: msg type PAN_AUTH_REQ_REMOTE_INIT_AUTH, conv id 80, body length 2156 2017-01-12 14:30:03.532 -0800 debug: pan_auth_request_process(pan_auth_state_engine.c:1563): Trying to authenticate: <profile: "Remote_Acess_Sequence", vsys: "vsys1", username "fmurray"> 2017-01-12 14:30:03.532 -0800 debug: _get_auth_prof_detail(pan_auth_util.c:921): "fmurray" is a non-admin user with auth profile "Remote_Acess_Sequence" and vsys "vsys1" 2017-01-12 14:30:03.532 -0800 debug: _get_authseq_profile(pan_auth_util.c:809): Auth profile/vsys (Remote_Acess_Sequence/vsys1) is auth sequence 2017-01-12 14:30:03.532 -0800 debug: _populate_authseq_auth_vec_n_vsys_vec(pan_auth_util.c:756): auth sequence "Remote_Acess_Sequence" enabled flag: use-domain-find-profile2017-01-12 14:30:03.532 -0800 debug: pan_auth_request_process(pan_auth_state_engine.c:1616): Usingving original username fmurray from request 2017-01-12 14:30:03.533 -0800 debug: pan_auth_cache_user_is_allowed(pan_auth_cache_allowlist_n_grp.c:260): This is a single vsys platform, group check for allow list is performed on "vsys1" 2017-01-12 14:30:03.533 -0800 debug: pan_auth_cache_user_is_allowed(pan_auth_cache_allowlist_n_grp.c:263): user "fmurray" is a member of group "cn=domain users,cn=users,dc=anaheim,dc=intranet" on single vsys 2017-01-12 14:30:03.533 -0800 debug: pan_auth_cache_user_is_allowed(pan_auth_cache_allowlist_n_grp.c:271): user "fmurray" is in allow list of auth prof/vsys "RemoteAccess-LDAP/vsys1" 2017-01-12 14:30:03.533 -0800 debug: pan_allowlist_request_process(pan_auth_allow_lock.c:87): user "fmurray" is a member of "cn=domain users,cn=users,dc=anaheim,dc=intranet" in allow list of auth prof "RemoteAccess-LDAP" 2017-01-12 14:30:03.533 -0800 debug: _authenticate_by_localdb_or_remote_server(pan_auth_state_engine.c:1068): Authenticating user "fmurray" with <profile: "RemoteAccess-LDAP", vsys: "vsys1">, which is Auth Profile 1 of 2 in <sequence "Remote_Acess_Sequence", vsys "vsys1"> 2017-01-12 14:30:03.533 -0800 debug: pan_auth_service_get_svr_ids(pan_auth_service.c:630): find auth server id vector for RemoteAccess-LDAP-vsys1 2017-01-12 14:30:03.533 -0800 debug: _get_AD_maxPwdAge(pan_authd_shared_ldap.c:658): getting maxPwdAge attr from AD with LDAD pointer = 0x9843eb0... 2017-01-12 14:30:03.534 -0800 debug: _parse_ldap_search_result(pan_authd_shared_ldap.c:386): DN in entry DC=anaheim,DC=intranet 2017-01-12 14:30:03.534 -0800 debug: _process_user_info(pan_authd_shared_ldap.c:294): found LDAP attribute: maxPwdAge 2017-01-12 14:30:03.534 -0800 debug: _process_user_info(pan_authd_shared_ldap.c:330): AD : Got value maxPwdAge : 77760000000000 2017-01-12 14:30:03.534 -0800 debug: pan_authd_ldap_authenticate(pan_authd_shared_ldap.c:965): searching basedn "DC=anaheim,DC=intranet" for filter "(sAMAccountName=fmurray)", attrs "framedIPAddress", LDAPp=0x9843eb0 2017-01-12 14:30:03.535 -0800 debug: _parse_ldap_search_result(pan_authd_shared_ldap.c:386): DN in entry CN=Frank Murray,OU=Network Team,OU=HP,OU=Contractor,DC=anaheim,DC=intranet 2017-01-12 14:30:03.535 -0800 debug: _process_user_info(pan_authd_shared_ldap.c:294): found LDAP attribute: cn 2017-01-12 14:30:03.535 -0800 debug: _process_user_info(pan_authd_shared_ldap.c:294): found LDAP attribute: userAccountControl 2017-01-12 14:30:03.535 -0800 debug: _process_user_info(pan_authd_shared_ldap.c:337): AD : Got value userAccountControl : 512 2017-01-12 14:30:03.535 -0800 debug: _process_user_info(pan_authd_shared_ldap.c:294): found LDAP attribute: pwdLastSet 2017-01-12 14:30:03.535 -0800 debug: _process_user_info(pan_authd_shared_ldap.c:320): AD : Got value pwdLastSet : 131226705754141950 2017-01-12 14:30:03.535 -0800 debug: pan_authd_ldap_authenticate(pan_authd_shared_ldap.c:1029): Received user DN: "CN=Frank Murray,OU=Nor,DC=anaheim,DC=intranet" 2017-01-12 14:30:03.535 -0800 debug: pan_authd_ldap_authenticate(pan_authd_shared_ldap.c:1052): DN sent to LDAP server: CN=Frank Murray,OU=Network Team,OU=HP,OU=Contractor,DC=anaheim,DC=intranet 2017-01-12 14:30:03.537 -0800 debug: pan_authd_ldap_authenticate(pan_authd_shared_ldap.c:1077): User "fmurray" is ACCEPTED (msgid = 10, LDAPp=0x9843eb0) 2017-01-12 14:30:03.537 -0800 debug: _get_AD_passwd_exp_in_days(pan_authd_shared_ldap.c:79): userAccountControl = 512 (not never expire) 2017-01-12 14:30:03.537 -0800 pwdlastset: 13122670575 2017-01-12 14:30:03.537 -0800 debug: _get_AD_passwd_exp_in_days(pan_authd_shared_ldap.c:139): AD pwd expires in days 20 2017-01-12 14:30:03.537 -0800 debug: pan_authd_ldap_authenticate(pan_authd_shared_ldap.c:1086): Got user expire-in-days: -1 (-1 means no expiration), passwd_exp in auth profile: 7 2017-01-12 14:30:03.537 -0800 debug: pan_authd_ldap_authenticate(pan_authd_shared_ldap.c:1131): binding back to PaloAltoServices@anaheim.intranet 2017-01-12 14:30:03.537 -0800 debug: pan_authd_ldap_bind(pan_authd_shared_ldap.c:569): binding with binddn PaloAltoServices@anaheim.intranet 2017-01-12 14:30:03.539 -0800 debug: pan_auth_response_process(pan_auth_state_engine.c:2337): auth status: auth success 2017-01-12 14:30:03.539 -0800 debug: pan_auth_response_process(pan_auth_state_engine.c:2397): Authentication success: <profile: "RemoteAccess-LDAP", vsys: "vsys1", username "fmurray"> 2017-01-12 14:30:03.540 -0800 authenticated for user 'fmurray'. auth profile 'Remote_Acess_Sequence', vsys 'vsys1', server profile 'SSL_VPN_PROFILE', server address '172.20.1.36', From: 70.197.73.40. 2017-01-12 14:30:03.541 -0800 debug: _log_auth_respone(pan_auth_server.c:240): Sent SUCCESS auth response for user 'fmurray' (exp_in_days=-1 (-1 never; 0 within a day)) (return domain 'coanaheim') 2017-01-12 14:30:04.005 -0800 debug: pan_auth_request_process(pan_auth_state_engine.c:1540): Receive request: msg type PAN_AUTH_REQ_REMOTE_INIT_AUTH, conv id 81, body length 2156 2017-01-12 14:30:04.005 -0800 debug: pan_auth_request_process(pan_auth_state_engine.c:1563): Trying to authenticate: <profile: "Remote_Acess_Sequence", vsys: "vsys1", username "fmurray"> 2017-01-12 14:30:04.005 -0800 debug: _get_auth_prof_detail(pan_auth_util.c:921): "fmurray" is a non-admin user with auth profile "Remote_Acess_Sequence" and vsys "vsys1" 2017-01-12 14:30:04.005 -0800 debug: _get_authseq_profile(pan_auth_util.c:809): Auth profile/vsys (Remote_Acess_Sequence/vsys1) is auth sequence 2017-01-12 14:30:04.005 -0800 debug: _populate_authseq_auth_vec_n_vsys_vec(pan_auth_util.c:756): auth sequence "Remote_Acess_Sequence" enabled flag: use-domain-find-profile2017-01-12 14:30:04.005 -0800 debug: pan_auth_request_process(pan_auth_state_engine.c:1616): Using auth seq, saving original username fmurray from request 2017-01-12 14:30:04.005 -0800 debug: pan_auth_cache_user_is_allowed(pan_auth_cache_allowlist_n_grp.c:260): This is a single vsys platfo rm, group check for allow list is performed on "vsys1" 2017-01-12 14:30:04.005 -0800 debug: pan_auth_cache_user_is_allowed(pan_auth_cache_allowlist_n_grp.c:263): user "fmurray" is a member o f group "cn=domain users,cn=users,dc=anaheim,dc=intranet" on single vsys 2017-01-12 14:30:04.005 -0800 debug: pan_auth_cache_user_is_allowed(pan_auth_cache_allowlist_n_grp.c:271): user "fmurray" is in allow l ist of auth prof/vsys "RemoteAccess-LDAP/vsys1" 2017-01-12 14:30:04.005 -0800 debug: pan_allowlist_request_process(pan_auth_allow_lock.c:87): user "fmurray" is a member of "cn=domain users,cn=users,dc=anaheim,dc=intranet" in allow list of auth prof "RemoteAccess-LDAP" 2017-01-12 14:30:04.006 -0800 debug: _authenticate_by_localdb_or_remote_server(pan_auth_state_engine.c:1068): Authenticating user "fmur ray" with <profile: "RemoteAccess-LDAP", vsys: "vsys1">, which is Auth Profile 1 of 2 in <sequence "Remote_Acess_Sequence", vsys "vsys1 "> 2017-01-12 14:30:04.006 -0800 debug: pan_auth_service_get_svr_ids(pan_auth_service.c:630): find auth server id vector for RemoteAccess- LDAP-vsys1 2017-01-12 14:30:04.006 -0800 debug: _get_AD_maxPwdAge(pan_authd_shared_ldap.c:658): getting maxPwdAge attr from AD with LDAD pointer = 0x9843eb0... 2017-01-12 14:30:04.007 -0800 debug: _parse_ldap_search_result(pan_authd_shared_ldap.c:386): DN in entry DC=anaheim,DC=intranet 2017-01-12 14:30:04.007 -0800 debug: _process_user_info(pan_authd_shared_ldap.c:294): found LDAP attribute: maxPwdAge 2017-01-12 14:30:04.007 -0800 debug: _process_user_info(pan_authd_shared_ldap.c:330): AD : Got value maxPwdAge : 77760000000000 2017-01-12 14:30:04.007 -0800 debug: pan_authd_ldap_authenticate(pan_authd_shared_ldap.c:965): searching basedn "DC=anaheim,DC=intranet " for filter "(sAMAccountName=fmurray)", attrs "framedIPAddress", LDAPp=0x9843eb0 2017-01-12 14:30:04.008 -0800 debug: _parse_ldap_search_result(pan_authd_shared_ldap.c:386): DN in entry CN=Frank Murray,OU=Network Team,OU=HP,OU=Contractor,DC=anaheim,DC=intranet 2017-01-12 14:30:04.008 -0800 debug: _process_user_info(pan_authd_shared_ldap.c:294): found LDAP attribute: cn 2017-01-12 14:30:04.008 -0800 debug: _process_user_info(pan_authd_shared_ldap.c:294): found LDAP attribute: userAccountControl 2017-01-12 14:30:04.008 -0800 debug: _process_user_info(pan_authd_shared_ldap.c:337): AD : Got value userAccountControl : 512 2017-01-12 14:30:04.008 -0800 debug: _process_user_info(pan_authd_shared_ldap.c:294): found LDAP attribute: pwdLastSet 2017-01-12 14:30:04.008 -0800 debug: _process_user_info(pan_authd_shared_ldap.c:320): AD : Got value pwdLastSet : 131226705754141950 2017-01-12 14:30:04.008 -0800 debug: pan_authd_ldap_authenticate(pan_authd_shared_ldap.c:1029): Received user DN: "CN=Frank Murray,OU=Network Team,OU=HP,OU=Contractor,DC=anaheim,DC=intranet" 2017-01-12 14:30:04.008 -0800 debug: pan_authd_ldap_authenticate(pan_authd_shared_ldap.c:1052): DN sent to LDAP server: CN=Frank Murray,OU=Network Team,OU=HP,OU=Contractor,DC=anaheim,DC=intranet 2017-01-12 14:30:04.010 -0800 debug: pan_authd_ldap_authenticate(pan_authd_shared_ldap.c:1077): User "fmurray" is ACCEPTED (msgid = 14, LDAPp=0x9843eb0) 2017-01-12 14:30:04.010 -0800 debug: _get_AD_passwd_exp_in_days(pan_authd_shared_ldap.c:79): userAccountControl = 512 (not never expire) 2017-01-12 14:30:04.010 -0800 pwdlastset: 13122670575 2017-01-12 14:30:04.010 -0800 debug: _get_AD_passwd_exp_in_days(pan_authd_shared_ldap.c:139): AD pwd expires in days 20 2017-01-12 14:30:04.010 -0800 debug: pan_authd_ldap_authenticate(pan_authd_shared_ldap.c:1086): Got user expire-in-days: -1 (-1 means no expiration), passwd_exp in auth profile: 7 2017-01-12 14:30:04.010 -0800 debug: pan_authd_ldap_authenticate(pan_authd_shared_ldap.c:1131): binding back to PaloAltoServices@anaheim.intranet 2017-01-12 14:30:04.010 -0800 debug: pan_authd_ldap_bind(pan_authd_shared_ldap.c:569): binding with binddn PaloAltoServices@anaheim.intranet 2017-01-12 14:30:04.011 -0800 debug: pan_auth_response_process(pan_auth_state_engine.c:2337): auth status: auth success 2017-01-12 14:30:04.011 -0800 debug: pan_auth_response_process(pan_auth_state_engine.c:2397): Authentication success: <profile: "Remote Access-LDAP", vsys: "vsys1", username "fmurray"> 2017-01-12 14:30:04.011 -0800 authenticated for user 'fmurray'. auth profile 'Remote_Acess_Sequence', vsys 'vsys1', server profile 'SSL_VPN_PROFILE', server address '172.20.1.36', From: 70.197.73.40. 2017-01-12 14:30:04.011 -0800 debug: _log_auth_respone(pan_auth_server.c:240): Sent SUCCESS auth response for user 'fmurray' (exp_in_days=-1 (-1 never; 0 within a day)) (return domain 'coanaheim') 2017-01-12 14:30:04.036 -0800 debug: authd_sysd_localprofile_callback(pan_auth_sysd.c:706): localprofile sync triggered via sysd 2017-01-12 14:30:04.036 -0800 debug: authd_sysd_localprofile_callback(pan_auth_sysd.c:726): get local info for vsys1/Remote_Acess_Sequence 2017-01-12 14:30:04.036 -0800 Error: pan_authd_profile_is_local(pan_auth_util.c:1115): get auth profile setting for profile Remote_Ace ss_Sequence
... View more
12-05-2016
02:09 PM
Is there a way to return a block page to users when their connection is blocked not by the URL-filter but by a security policy? We have a security policy that blocks all outbound traffic to a list of foreign countries. The problem is when users attempt to browse websites in these countries the traffic is blocked but the user doesn't receive any information about why it was blocked- the connection just times out. IS there a way to send an HTML block page to users when the traffic is blocked? Thanks
... View more
05-27-2016
11:07 AM
We have a business partner that wants to create an IPSec VPN tunnel with our PA-5050 using pre-shared keys, but they don't want to provide a Public IP address for us to peer with. Their other clients configure the remote peer address of 0.0.0.0 basically allowing any remote IP as a peer.
My spidey sense is telling me this is a bad idea. There's a big diffence between cracking a complex encryption algorithm and guessing a pre-shared key- something that dictionary attack can do in a resonable amount of time.
Am I being paranoid? Or is this a terrible idea?
Thanks for any comments.
Frank
... View more
03-04-2015
11:55 PM
THAT'S IT!!!!! The space made all the difference! Thanks for the help.
... View more
03-04-2015
11:42 AM
ugh! I was afraid of that..... Is there no other way?
... View more
03-04-2015
11:34 AM
HI When I look at the security policy configuration on the CLI, I see that policies that were configured using the GUI appear in the following syntax: destination [ HOST1 HOST2]; But when trying to configure a new policy like so I get invalid syntax:: [edit] firewall# edit rulebase security [edit rulebase security] firewall# edit rules TESTRULE [edit rulebase security rules TESTRULE] firewall# set destination [HOST1 HOST2] So can someone tell me, what's the trick? Thanks
... View more
Labels:
- Labels:
-
Configuration
-
Set Up
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
05-10-2019
08:24 PM
|
Latest Tags
No tags yet
LEGAL NOTICES
Copyright 2007 - 2023 - Palo Alto Networks