This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
For details on cookie usage on our site, read our Privacy Policy
About Carleton
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- LIVEcommunity
- About Carleton
09-26-2023
33Posts
5Likes
5Solutions
Sep 26, 2023Last Visited
User
Activity
User
Profile
Latest posts by Carleton
| Subject | Views | Posted |
|---|---|---|
| 436 | 05-02-2023 11:31 AM | |
| 1024 | 03-07-2023 10:45 AM | |
| 2039 | 03-02-2023 08:37 AM | |
| 1217 | 02-28-2023 08:01 AM | |
| 1815 | 02-27-2023 07:36 AM | |
| 2158 | 02-24-2023 12:39 PM | |
| 1038 | 02-24-2023 12:13 PM | |
| 1057 | 02-24-2023 10:22 AM | |
| 819 | 02-15-2023 10:05 AM | |
| 900 | 02-01-2023 01:51 PM |
My Liked Posts
| Subject | Likes | Posted |
|---|---|---|
| 1 Like | 02-24-2023 12:39 PM | |
| 2 Likes | 09-27-2022 06:35 AM | |
| 1 Like | 08-02-2022 10:38 AM | |
| 1 Like | 08-11-2022 08:18 AM |
Posts I Liked
| Subject | Likes | Author | Latest Post |
|---|---|---|---|
| 3 Likes |
User Badges
Community Statistics
| Member Since | 06-21-2022 12:19 PM |
| Date Last Visited | 09-26-2023 11:15 AM |
| Posts | 33 |
| Total Likes Received | 5 |
05-02-2023
11:31 AM
We are running the premium version if AIOPs trail. I have two issues.
Cortex Datalake showed my firewalls as registered but the file systems show empty.
If I go to the reports tab it has a message " Looking to set up a new scheduled report? Go to the dashboard for which you want to receive or share scheduled reports, and set it up there". I have looked at all of the dashboards and none of them have a place to setup a scheduled report. Any Ideas?
... View more
03-07-2023
10:45 AM
We are on 10.1.8. I can see that the certificate and telemetry are working fine.
... View more
03-02-2023
08:37 AM
With the adoption of TLS 1.3 support will this allow the identification for OID when checking remote OCSP responders for certificate validity? Currently we are unable to stop an error from occurring if we have User cetercerts in the same CA as the machine certificates. We have no way to identify OID and stop user cert checking after a machine cert has been verified. Product development told us this may be supported with the TLS 1.3 roll out as it does support OID checking.
... View more
02-28-2023
08:01 AM
After uploading the TS file, when I click on the view report link I get the error message
"logging svc tenant Id is required"
I haven't been able to find this listed anywhere.
... View more
02-27-2023
07:36 AM
That was it. it took a while for the common services to even show up in the UI.
... View more
02-24-2023
12:39 PM
1 Kudo
anyone get an answer for this? I have nothing showing up out of 4 firewalls
... View more
02-24-2023
12:13 PM
I do not see any devices, but I can see all my devices in the TS Portal.
... View more
02-24-2023
10:22 AM
I do not see any devices in the AIOps portal after we activated it. In the HUB I do not see a place to associate devices. All of the devices have Telemetry enabled
... View more
02-15-2023
10:05 AM
I ran a test and set the SAML Authentication to use the default browser instead of the embedded windows browser and the issue was resolved. I had to switch it back because using the default browser with SAML auth opened a webpage that is unnecessary and a bad experience for end users. We are now reaching out to Microsoft about this. We see this happening with other apps now too.
... View more
02-01-2023
01:51 PM
I have a ticket open with Palo Alto support. I am trying to find out who created the Enterprise App but so far they don't know Anyone?
... View more
01-24-2023
09:56 AM
We are using SAML authentication via The Global Protect Enterprise application in Azure. E everything is functioning as expected except for the logging is incorrect. The user login logs show the OS as Windows 8 when a Windows 10 user logs in. If you go to the details. in the log entry, The =User agent details show the correct PAN GP version and OS version
... View more
09-27-2022
06:35 AM
2 Kudos
In the basic SAML Config, you add both firewalls as shown below
... View more
09-27-2022
05:52 AM
I replied to the wrong thread, sorry. Yes we got this resolved by using a singe Enterprise app for both firelwalls
... View more
09-27-2022
05:43 AM
One other thing. If you have user certs that are not used from the same CA and you delete them, the issue goes away too.
... View more
09-27-2022
05:41 AM
I got it escalated to PA product development. When you use prelogin using a machine certificate authentication and SAML for user authentication, the SAML page on the firewall is what's causing the issue. We also are using a Windows OCSP responder to validate the certificate from a Windows server 2019 CA server. What development came back with was it is an issue with TLS 1.2. They believe that TLS 1.3 will have support for checking for certificate OID. There is no ability to check OID of the certificate in TLS1.2. If you have both user and machine certificates on the endpoint from the same CA, the embedded browser will prompt for a user certificate even though you are already authenticated. the workaround is to create a subordinate CA and only issue machine certificates from that CA. I found that if I used the public IP on the untrust side of the firewall and created a loopback interface using a nonroutable IP address and port 444, the issue didn't happen. You then need to nat to the untrust that loopback on 444 to port 443. GP will only function on 443. The gotcha here is you cant use IPsec and have to use SSL VPN at the cost of about 20% or better on the performance. The more people that go to their account rep and create a request for enhancement, the more attention this will get. So far they said only 4 people have reported the issue. I see this as something more and more people are going to want to do.
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
09-26-2023
11:15 AM
|
Latest Tags
No tags yet
LEGAL NOTICES
Copyright 2007 - 2023 - Palo Alto Networks