General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Discussions

Threat Vector, a Unit 42 Podcast, is Now on LIVEcommunity!

We have some exciting community news to share: Threat Vector, a Unit 42 podcast, is now on LIVEcommunity!

 

Threat Vector is your compass in the world of cyberthreats. Listen to this biweekly podcast to learn about unique threat intelligence, cutting

...

jforsythe by Community Team Member
  • 245 Views
  • 0 replies
  • 0 Likes

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question. Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

JayGolf_0-1691518400714.jpeg
JayGolf by Community Team Member
  • 3557 Views
  • 2 replies
  • 14 Likes

ISP failover in PanOS 7.0.4

Hi, 

 

We are moving from Juniper ScreenOS SSG firewalls to PanOS 7.0.4, 3020 clustered firewalls. 

 

On our Junipers we make use of a feature called track-ip for Interface failover between ISP's...This basically works by pinging a far device on the

...

Policy Based Forwading Capability Question

Hello All, Was just wondering if anyone may be able to help with this our question.

 

Please see the attached High Level Diagram. Both Firewalls are PA 3020's with the full licence set enabled. We need to replace the ISA server which is not providing

...

Data Flows.jpg
WesNeary by L1 Bithead
  • 5003 Views
  • 5 replies
  • 0 Likes

Does Palo Alto support Reverse Route injection?

As title, does Palo Alto support something like CISCO "Reverse Route injection" which can inject a /32 route to the campus network for a dial-in user? Or can I create a /24 loopback interface for VPN users and redistribute the /24 to campus network?

...

Exclude Traffic from the VPN Tunnel with scripts (GP 2.3)

Dear community,

 

have you ever tried to exclude IPs from the VPN tunnel using the GP 2.3 feature:

https://www.paloaltonetworks.com/documentation/70/globalprotect/globalprotect-admin-guide/set-up-the-globalprotect-infrastructure/deploy-agent-settings

...

Hithead by L4 Transporter
  • 2361 Views
  • 0 replies
  • 0 Likes

Shared gateway and BGP setup problem ?

 

Hello all,

 

This is the first time I post to the community. Before posting this message I've read a lot of information and I only can thanks everyone for all the interesting information found here.

 

We have some difficulties to set up a "working" shar

...

palaaltoproblem-base.png
palaaltoproblem-webexample.png
FTBZ by L1 Bithead
  • 3686 Views
  • 2 replies
  • 0 Likes

DirectPath I/O

I currently have a marathon support case open and support's latest reply includes an internal-only link (I'm pretty sure), so I can't read it. 

 

The release notes for 7.0 specify: 

 

"High Availability (HA) Link Monitoring is only supported on VMware E

...

BGP Peering Issue

I have a PA connected to my upstream provider exactly how it is with the same provider at two other locations, but I cannot for the life of me get BGP to establish. I've got a case open, but they're being hilarious slow and only responding with canne

...

6.1+ update stops tagged interfaces from working

I tried updating a PA3050 HA active/passive setup from 6.0.10 to 6.1 to eventually go to 7.
The update works for both devices, everything seems to be working like it should, except for the tagged subinterfaces of the aggregated interfaces. They simply

...

Labels