About HussainMohammed

plevin · ‎07-29-2022

It has to be 5.2.10 or later ( 5.2.12 is recommended ) to support Windows 11 !!

LAYER_8 · ‎11-15-2021

You are also able to create a custom vulnerability signature if you don't have GlobalProtect. Example for Chrome here.

BPry · ‎11-14-2021

@HussainMohammed, Another thing to check outside of what @Astardzhiev mentioned is that you aren't dropping the LDAPS traffic on the firewall itself if your management interface traffic has to route through security zones. The firewall will see LDAPS traffic as standard SSL traffic, so you'll either need to create an application-override entry, a custom app-id, or just allow ssl over 636/tcp in your security rulebase. I've seen a lot of people spend a lot of time troubleshooting LDAPS issues without verifying that the traffic is actually getting allowed.

SutareMayur · ‎10-20-2021

Hi @HussainMohammed , Does your palo alto is handling any sort of SSL inbound inspection in this communication ?

rdonohoe23 · ‎09-22-2021

Hi Hussain, Set the policy to only look at unknown users. Its set to any by default. cheers Rob

Member Since	‎08-03-2021 08:39 PM
Date Last Visited	‎11-22-2021 06:30 AM
Posts	11

Online Status	Offline
Date Last Visited	‎11-22-2021 06:30 AM

About HussainMohammed

Need to Block Old Chrome version over Palo Alto Firewall

Re: Global protect client for windows 11

is ssl required for 363 port for LDAP profile

Re: Global protect client for windows 11

Re: Global protect client for windows 11

Re: Global protect client for windows 11

Re: Need to Block Old Chrome version over Palo Alto Firewall

Re: is ssl required for 363 port for LDAP profile

Re: Certificate issue

Re: Captive portal asking credential for known users