This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Threat Vector, a Unit 42 Podcast, is Now on LIVEcommunity!

We have some exciting community news to share: Threat Vector, a Unit 42 podcast, is now on LIVEcommunity!

 

Threat Vector is your compass in the world of cyberthreats. Listen to this biweekly podcast to learn about unique threat intelligence, cutting

...

jforsythe by Community Team Member
  • 310 Views
  • 0 replies
  • 0 Likes

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question. Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

JayGolf_0-1691518400714.jpeg
JayGolf by Community Team Member
  • 3653 Views
  • 2 replies
  • 14 Likes

Resolved! panos 10.0.5 can't commit firewall changes

Hi, I'm brand new to PA firewalls.  Have a new pair of 3220's in active-passive HA.  This is not in production.  We are using them to learn on and eventually, hopefully later in the year move to production, replacing an active-passive Cisco ASA.

 

I ha

...

ksauer507 by L3 Networker
  • 3170 Views
  • 2 replies
  • 0 Likes

DNS Proxy inheritance source

I want all devices on one of my interfaces to use my DNS servers, regardless of their configuration. Seems pretty simple, but I'm stuck.

I can edit and OK/OK out of the DNS proxy dialogs (PANOS 4.1.2), but commit fails with "Inheritance source needs t

...

rgraves by Not applicable
  • 5829 Views
  • 3 replies
  • 0 Likes

GlobalProtect OCSP validation not working

Hi,

 

OCSP verification configured in a Certificate Profile on my Palo Alto 3020 doesn't seems to work.

 

My GlobalProtect configuration with pre-logon is working with machine certificate but when I want to see the status of the OCSP cache on the Palo, I

...

ocsp-request.png
ocsp-response.png
pboegli by L1 Bithead
  • 3636 Views
  • 1 replies
  • 2 Likes

Resolved! Route selection algorithm

Hi everyone!

 

I have a question about PA virtual router logic. For example, I have two static routes

 

0.0.0.0/0 AD 10 metric 10 next hop 1.1.1.1

0.0.0.0/0 AD 10 metric 10 next hop 2.2.2.2

 

ECMP disabled. All dynamic routing protocols are disabled.

 

Which

...

Check Log storage per day

Hi guys,

 

Is there any way to find out stored log size per day?

 

on show system logdb-quota command, there are full data stored size there.

I'd like to know how much size for log storage per day.

 

Thanks,

Kang_Han by L1 Bithead
  • 6365 Views
  • 2 replies
  • 1 Likes

Remote Access VPN - Strongswan client to PA GP Gateway

Is it possible to access a GlobalProtect gateway using the strongswan client on Ubuntu 16.04 LTS? I am trying to use ikev2 and use certificate authentication.  PA guidance suggests it is possible using Ubuntu 14 and PAN-OS7 but I can see no guidance

...

CC2021 by L0 Member
  • 1802 Views
  • 2 replies
  • 0 Likes

Resolved! Applications Depends On Column - Prelogon Policies

I am trying  to setup prelogon and have a question about the sec policies described in Step 2 of this guide: https://docs.paloaltonetworks.com/globalprotect/9-0/globalprotect-admin/globalprotect-quick-configs/remote-access-vpn-with-pre-logon.html 

 

I

...

MichaelMedwid_0-1618764222665.png

Resolved! Certificate Validation not working

Hi all,

hope you are doing well!

I've a little probelm with the certificate validation.

I've changed the DDNS provider to a custom one bit certifiate validation dows not work.

PAN OS: 10.0.5

First what I've done on CLI:

set network interface ethernet ether...

Image 4.png
Image 5.png
Image 3.png
Image 2.png

How to search a Domain

Hello

 

How do I search a domain in all my Nodes?

The way I do is to open "Logs" and enter there a domain like "blabla.com" well, the result is... empty.

After that in the Node I would like to add that Domain, I enter in the Indicators Tab the Domain

...

Resolved! About DNS security

Hello Bros,

                I my network and my firewall 3220 setup I have a question regarding the DNS security feature.

If you go through creating an anti-spyware profile, and exactly in the DNS signature what is the difference between DNS signature

...

  • 24185 Posts
  • 100 Subscriptions
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks