About DKanta

Hi Guys,   we have a problem: if a pc is in the lan, behind the firewall, we are not able to log in to office365, but if we use an external connection it works. i don't see any log with application containing 'office' We have not decryption enabled, PA-3020 with 7.1.14   Do you have any hint? Regards, Daniele ... View more

Hi Guys,   customer connected a Mac (OSX 10.13.2) using global protect and other vpn client (native and cisco), but i can't reach a remote server.   Doing a packet capture i found the PA (pa-3020, 7.1.14) doesn't forward the reply packet. [Mac]--------->[PAN] --------->[Server]        OK [Mac]               [PAN]<---------[Server]        PAN stops return traffic   i thought it was a problem caused by a third-party vpn client, but they told me the same issue is present when GP is used, but they told me all problematic users use a Mac.   Do you have some hints?   Regards, Daniele ... View more

Hi All!   i have this problem: when customer downloads, it is very slow, with isp he bypassed the PA device and it was faster. I created a new rule without any security profile to verify if it was caused by them, but customer says it is the same (and it could be slower).   QoS is not enabled.   Do you have any suggestion about this problem? Some function to check?   Regards, Daniele ... View more

Hi All!   i have a issue with the user-id feature: some users are not recognized by the PA device: if i check the logs searching for the username i see the last access some days ago, but if i search for his ip he is doing traffic. Even checking via CLI with ' show user ip-user-mapping all | match username ' i don't see anything.   PA is running PAN-OS 7.0.7 (i know it is going to be in EOL, we will plan the upgrade).   Can you please give me some hints to check?   Regards, Daniele ... View more

Hi All,   i have this issue: when i connect with global protect the WLAN NIC disables, and i have to restart the PC, i have this problem with this PC model:  Dell Latitude 5414 Rugged   Can you help me? Have you got some hints for me to check?   Regards, Daniele ... View more

Hi All,   we can't connect to Global Protect gateway using native VPN client on Samsung Galaxy A3 2016. Following the configuration on smartphone:   Under IPSec Identificator there is a string , and it is used as FQDN instead of Key Identifier, as we can see in the logs:   but we can't edit the configuration on the smartphone. Using other models of smartphone it works.   Do someone knows any kind of configuration that makes it work?   Regards, Daniele ... View more

Hi all!   i am trying to downgrade a PA-500 from 7.1.7 to 5.0.X. I have downgraded to 7.0.1, but i am nor allowed to downgrade to 6.1.0, when i upload the image file it says ' PanOS_500-6.1.0 already exists', but the only images present are 7.0.1 and 4.1.4 (or something similar).   Do you have some hints?   Regards, Daniele ... View more

Hi All,   i have a problem: when my customer generates reports there are problem with data, i see that the usage in one week is less than the sum of two random days in the same week. example: Week report: 450.5 G bytes Day X: 588.3 G bytes Day Y: 262.0 G bytes   Has anyone some hints?   Regards, Daniele ... View more

Hi All!   i am trying to activate URL Filtering from PAN-DB, but i have problems. I upload the license manually and i haven't error, but when i try to download the database this error appear:" URL database download: not available." Then i do the "Retrieve license keys from license server", but this error appear:"Failed to fetch licenses. Failed to get license info. Please try again later." The update server is correctly configured (updates.paloaltonetworks.com) and i tried to change the service rooute using external interface, but nothing changed.   Have you got any advice? It is a PA-200 with PAN-OS 8.0.1   Regards, Daniele ... View more

Hi All!   after logging in the GUI not works anymore, i tried to restart the web service via CLI using the command 'debug software restart process web-server', but nothing changed.   Can anyone give me some tips?   Thank you! Regards, Daniele ... View more

Hi all!   I have a problem with the download of brightcloud URL filtering database.   When i try to download the DB this message is shown: ---------------------------------------------------------------------------------------------- Download Status 2017-02-06 01:05:21.733 +0100 Error downloading latest URL database ----------------------------------------------------------------------------------------------   and i chacked the log of the download: ---------------------------------------------------------------------------------------------- admin@PA-500> tail follow yes mp-log pan_bc_download.log 2017-02-05 01:05:33.298 +0100 Best IP for service.brightcloud.com is 0.0.0.0 2017-02-05 01:05:33.305 +0100 Error: Brightcloud update server 'service.brightcloud.com' is down! 2017-02-05 01:05:33.340 +0100 Error downloading latest URL database 2017-02-06 01:03:04.049 +0100 Loading BrightCloud URL categories... 2017-02-06 01:03:04.258 +0100 Found URL categories 2017-02-06 01:05:16.676 +0100 Error: dtMessageTime(bcnet.cpp:253): failed connect to 115.101.114.118 on 80 2017-02-06 01:05:21.704 +0100 Error: dtMessageTime(bcnet.cpp:253): failed connect to 98.114.105.103 on 80 2017-02-06 01:05:21.708 +0100 Best IP for service.brightcloud.com is 0.0.0.0 2017-02-06 01:05:21.712 +0100 Error: Brightcloud update server 'service.brightcloud.com' is down! 2017-02-06 01:05:21.733 +0100 Error downloading latest URL database ----------------------------------------------------------------------------------------------   I tried to change the service route configuration, but nothing changed. Firewall's PanOS version is 8.0.0, could it be an error of this version?   Regards, Daniele   ... View more