Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Live
- ›
- About DLONGPRÉ
About DLONGPRÉ
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
2 weeks ago
22Posts
2Likes
0Solutions
Nov 22, 2020Last Visited
User
Activity
User
Profile
Latest posts by DLONGPRÉ
| Subject | Views | Posted |
|---|---|---|
| 360 | 09-30-2020 07:08 PM | |
| 241 | 09-16-2020 08:30 AM | |
| 920 | 08-28-2020 06:27 AM | |
| 1762 | 08-25-2020 11:19 AM | |
| 998 | 08-25-2020 08:45 AM |
My Liked Posts
| Subject | Likes | Posted |
|---|---|---|
| 1 | 06-12-2020 10:15 AM | |
| 1 | 04-30-2020 06:07 AM |
Posts I Liked
| Subject | Likes | Author | Latest Post |
|---|---|---|---|
| 7 |
User Badges
Public Statistics
| Date Registered | 01-08-2018 09:55 AM |
| Date Last Visited | 2 weeks ago |
| Total Messages Posted | 22 |
| Total Likes Received | 2 |
09-30-2020
07:08 PM
@SteveCantwell Very good post Steve! So, the end goal of this is to "drop" packets by a DoS Policy, instead the Security Policy, isn't? I understand that "tagged" IP sources within the DAG have been already blocked once by the your Security Policy, right ? Very good stuff so far... I'm planning to use DAG associated with sinkhole DNS mechanism to block dynamically infected inside host. Thanks ! Dominic.
... View more
09-16-2020
08:30 AM
Is there limitation of the Alternate Username attribute that be used ? Per example, I'm using a extra attribute which is "uid" which is available in Microsoft AD User attribute. From tcpdump trace, I can see that FW ldap request and AD response properly with good value. However, the "show user user-attribute..." never display that attribute. Any clue? Yes, I have refreshed the group-mapping. Its look like the FW receive the attribute from ldap, but does nothing with it.
... View more
08-28-2020
06:27 AM
Okay, Captive Portal was not triggered because the destination was HTTPS, and SSL decryption is required for Captive Portal to "redirect" HTTPS traffic. Also, notice that UserID database is always updated with latest user account logged. That could cause problem in "big" environment where multiple accounts (normal, priviledge ..) are required to touch specific ressources. I think that dedicated firewall(s) or VSYS isolated from the "normal USERID Database" could be a solution to front specific secure environment, like critical database, PCI... etc.
... View more
08-25-2020
11:19 AM
Is it working with SAML + Azure MFA ?
... View more
08-25-2020
08:45 AM
It's not working. The user is never triggered with the captive portal auth page. I think, this is because the firewall is already aware of Bob account that came from User ID Agent. However, I want that auth rule is triggered to let user login with his priviledge account.
... View more
08-22-2020
08:14 AM
Here use case and wondering if this is feasible. 1. User Bob is already authenticated and connected(tunnel VPN) to firewall A with GlobalProtect with his account "Bob". 2. User Bob need to access critical ressource behind the same firewall A with, however, his privilege account "Bob-Priv". Problem, its look like the authentication policy is never triggered because user Bob is already authenticated with account "Bob". Is there a way to achieve this ?
... View more
07-07-2020
03:58 PM
Hello, Strangely, I got that problem on PA Integrated USER ID on PAN-OS 9.1.3. Any thought, idea ?
... View more
06-12-2020
10:15 AM
1 Kudo
I have been told that feature will be available on Prisma PlugIn 1.7.
... View more
05-14-2020
09:15 AM
Is there a way to see the BGP prefix before they've been processed by the IMPORT or EXPORT rules ? Thanks, DL.
... View more
05-06-2020
11:44 AM
I'm little bit concerned about the actual GP Agent version on Prisma which is still 5.0.9-15 since 5.1.x is available for "long time". Should 5.1 be available since minor 5.1.1 is available since 2020/02/24 ?! I'm confuse why 5.1.3 (or 5.1.1) is not the current agent release available ?
... View more
04-30-2020
04:57 PM
There are on "wired" network, not WIFI. I will try a GP agent update to see if its better.
... View more
04-30-2020
06:07 AM
1 Kudo
Hello, I have a customer that many of his VPN SSL clients are disconnected many times during the day. In the GP logs (pan_gp_event.log) I can found : "Tunnel is down due to socket closed" PAN-OS 9.0.7 GP Agent : 5.0.8 Before updating the agent or switching to IPsec, Is there a VPN SSL "mode" BUG in that specific OS/Agent version ?
... View more
03-13-2020
07:10 AM
Is there any way to see which GP APP version is currently used ?
... View more
Labels:
- Labels:
-
GlobalProtect-COVID19
03-13-2020
07:06 AM
I have been told by Palo TAC there is an opened issue with Microsoft/Azure to find solution about the "wildcard" URL within the Azure SAML config (Identifier Entity ID) that's look like no more supported in Azure. Thx. D.
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
2 weeks ago
|
Latest Tags
No tags yet
Latest Blogs
Latest Posts
Copyright 2007 - 2020 - Palo Alto Networks
