This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

PA-1410 HSCI compatable cables

Hello there,

We're upgrading from a pair of PA-3020 firewalls to new PA-1410s and require a DAC cable for the HSCI ports. However, we're unsure which vendor/brand offers compatible options.

Specifically, we're considering the following cables:

  • Cisco
...

AK74 by L2 Linker
  • 511 Views
  • 1 replies
  • 0 Likes

Resolved! Trouble routing from Guest zone to Internal Server

I'm not sure where to turn from here but my organization is trying to do a configuration we haven't set up before related to our student self-service system.

 

To try and summarize the issue, we have a guest-wireless zone that we need to allow anybod

...

cnorwich by L1 Bithead
  • 695 Views
  • 5 replies
  • 0 Likes

Resolved! Site to Site IPSEC Clarification

I'm moving from a Cisco ASA to a Palo Alto firewall for the first time. I've imported the config to Expedition and am prepping it for import to the firewall, but I noticed only the first of my crypto peers for each tunnel was imported to an IKE gatew

...

Palo Alto Search Filtering in Contains

Hello,

 

I write a basic python code for 'contains' filtering in in rule name search. And I want to share with community also community can give an advice for me.

 

The code: 

"""""""""""""""""""""""

def generate_output(numbers) :
    output_strings
...

tombombadil_0-1706780527481.png

Global Protect Asymmetric routing issue

Hey team hope someone can help me. I am pretty new to Palo and I am trying to setup Global Protect PreLogon in our corporate environment. I have managed to get it all working in the lab (awesome) now doing that in the live environment is different ba

...

Shadmin by L1 Bithead
  • 2981 Views
  • 4 replies
  • 0 Likes

Radius Group for GP authentication

Hi All,

We need to setup a specific user group in Radius should only access the GP. No other users should access GP. Currently authentication method set for GP is Radius and in the same radius we need a specific group of users only to authenticate.

M

...

Resolved! PAN-OS Uprage PATH to 11.0.2-h3

Confirming the Upgrade Path - Currently version 10.2.3-h2 upgrade to 11.0.2-h3 1.

Download 11.0 2. 

Download and install 11.0.2-h3  

 

Am I correct? do I need to reboot twice for this OS upgrade?

 

NGFW 

Azure AD SSO with customer portal

Hi 

Can anyone help out with setting up a 3rd Party Identity Provider on Customer Support Portal?

I've read through provided instructions (https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000sZ8mCAE), however, I'm stuck at Enabl

...

Resolved! Convert management-only Panorama to panorama-mode

So I've added a 2048 GB disk:

 

admin@panorama> show system disk details

Name : vdb
State : Present
Size : 2097152 MB
Status : Available
Reason : Admin enabled

 

When trying to switch system mode, this happens:


admin@panorama> request system system-mode

...

Radius Authentication and NPS

Hello everyone,

I'm having trouble configuring palo alto with a Radius NPS server. Basically we do not want to use chap protocols to avoid enabling reversible password. So we wanted to use EAP-TLS but it does not seem compatible with Palo Alto. Then

...

zakergfx by L1 Bithead
  • 357 Views
  • 1 replies
  • 0 Likes

VM-Series 30-day trial not correct login prompt

VM-Series 30-day trial not correct login prompt

 

only seeing PA-HDF prompt

 

I am aware there are 3 prompts for login during the initialization phase and the VM seems to keep getting stuck at the second one (PA-HDF). I know the initialization can ta

...

One isp to multiple isp site to site tunnel

Hi Team,

 

We want to configure ipsec site to site tunnel between two locations as per below details

 

1) Location A having single ISP address i.e Wan address  (1.1.1.1/30) will connect to location B having 2 ISP address (2.2.2.1/30 & 3.3.3.1/30) and

...

Disable IoT Service as workaround of PAN-216043

We are having a problem in our PA cluster. One of the firewalls is restarted and HA is activated. This problem occurs approximately every 3 weeks and the error I found is from Wifclient and according to the paloalto documentation the workaround is to

...

EliasCoranti_1-1706792909590.png
EliasCoranti_0-1706792814014.png

Resolved! Show hit count in CLI

I was searching this forum and official documentation, but I can't find the following:

Is there equivalent to Cisco ASA "show access-list acl_name" command in the PAN-OS CLI. I am looking for the command that will show hit count for every configured

...

  • 24198 Posts
  • 100 Subscriptions
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks