This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
For details on cookie usage on our site, read our Privacy Policy
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Get Started
- News & Events
- Collaboration
- Education Services
- Technologies
- Next-Generation Firewall
- GlobalProtect
- Threat Prevention Services
- Endpoint Protection
- SSL Decryption
- App-ID
- Content-ID
- User-ID
- 5G
- IoT Security
- Cloud Identity Engine
- Panorama
- AIOps for NGFW
Network Security
- Prisma Access
- Prisma Cloud
- Prisma SD-WAN
- Cloud NGFW for AWS
- CN-Series
- VM-Series:
- Private Cloud
- OCI
- Alibaba
- AWS
- GCP
- Azure
Cloud Security
- Cortex XDR
- Cortex XSOAR
- Cortex Data Lake
- Cortex Xpanse
Security Operations
- Resources
About MikeTewner
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Announcements
We are conducting regularly scheduled maintenance over the weekend, which could cause some downtime on LIVEcommunity. We apologize for any inconvenience.
- LIVEcommunity
- About MikeTewner
03-14-2022
10Posts
1Like
0Solutions
Mar 14, 2022Last Visited
User
Activity
User
Profile
Latest posts by MikeTewner
| Subject | Views | Posted |
|---|---|---|
| 467 | 08-02-2018 01:07 AM | |
| 2896 | 08-01-2018 04:28 AM | |
| 2919 | 07-30-2018 10:26 AM | |
| 2933 | 07-29-2018 10:07 AM | |
| 3135 | 07-29-2018 09:29 AM |
My Liked Posts
| Subject | Likes | Posted |
|---|---|---|
| 1 Like | 07-25-2018 05:15 AM |
Posts I Liked
| Subject | Likes | Author | Latest Post |
|---|---|---|---|
| 1 Like | |||
| 1 Like |
User Badges
Community Statistics
| Member Since | 07-17-2018 12:30 AM |
| Date Last Visited | 03-14-2022 01:18 AM |
| Posts | 10 |
| Total Likes Received | 1 |
08-01-2018
04:28 AM
Nope, no Exchange - We're in Google GSuite for everything. (Aside - I briefly got SAML auth working against GSuite, but got stuck with the absense of Groups. Went back to AD) Anyways, when I had two portals, the client made me constantly choose which portal to connect to (They had 2 different hostnames). If I give them both the same hostname, will the client not ask me?
... View more
07-30-2018
10:26 AM
Thank you, Mick! 1. I'm using LDAP auth to AD. All of my clients are Macs, joined to the domain. 2. My plan for using internal gateways is to match up threat alerts to users (by IP). I'm trying to do this WITHOUT requiring the user to enter credentials to use the local LAN. (With GP, I'm using Cookie Authentication, which helps out here) 1. "Agentless" User-ID using AD Event Logs - Couldn't get it to work on the first try, and moved to GP Internal Gateways. I'm not sure how much WMI Event Logs are going to help me when all of my clients are Mac (Joined to AD). Do you think it'll work? 2. I have Internal GP kinda' working. I think if I play with it for a bit longer, I can get it to work. 3. What are the other options you mentioned? What do you mean by " built in "user ID" on the PA?" 4. I'll look into the Captive Portal option.
... View more
07-29-2018
10:07 AM
...And a Follow-Up question - Am I able to have the _External_ connect to be connect-on-demand, but have the _internal_ connection be always on? That is, our users connect to the VPN when they need to access something while outside of the office. When they're IN the office, I'd like them to be auto-connected to the Internal VPN (so I can use User-ID's in my policies)
... View more
07-29-2018
09:29 AM
Hi All! I'm working through the "Mixed Internal and External Gateway Configuration" and something isn't quite clear - Do I need to create 2 separate GlobalProtect Portals (one to listen on the outside interface and one for the internal interface) or should I be able to access the same portal using the same IP? Using 2 separate Portals on 2 separate hostnames/IP's, It recognizes me as being "internal", but I need to switch the "portal" in the GlobalProtect Client when I go mobile. https://www.paloaltonetworks.com/documentation/81/globalprotect/globalprotect-admin-guide/globalprotect-quick-configs/mixed-internal-and-external-gateway-configuration
... View more
07-25-2018
05:15 AM
1 Kudo
Hi All! We're an all-Mac shop, but we use AD for authentication (for now). GlobalProtect "External" is working great for external access, with authentication to AD. Now we'd like to map IP to Users INSIDE our LAN. My primary goal is to link URL Filtering alerts and other threat analysis to a specific user. Perhaps a naive question - When talking about GlobalProtect "Internal", does that mean that users _authenticate_ to use the LAN? Is there a way to just get the GP agent to send the current logged-in user?
... View more
07-25-2018
01:52 AM
Why not? Is something different with the "system" logs? This would be qyute useful for me....
... View more
07-17-2018
11:55 PM
Thank you @vsys_remo and @BPry for the help! This is one of the last services still stuck on our ActiveDirectory - I'll put in the feature request and live with it for a bit longer. Just an aside for anyone else with this issue - Perhaps JumpCloud can help in this case. -Mike
... View more
07-17-2018
12:34 AM
I've gotten GSuite SAML2.0 working and have GSuite configured to send the user's "Department" as the "group" attribute. In the PA, I have the "User Group Attribute" set the "group". As the OP says, I don't see that I can use the "group" value anywhere (policies, etc). Has anyone gotten this to work?
... View more
LEGAL NOTICES
Copyright 2007 - 2022 - Palo Alto Networks