General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 359 Views
  • 0 replies
  • 2 Likes

Resolved! Two Virtual Routers

Hello,

When I configure two virtual routers on a PA-5060, how do I get them to see each others’ routes?

Do I need to configure some kind of virtual internal circuit between the two routers?

Thanks!

Resolved! commit confirmed X on PaloAlto firewall ?

Hello All,

   I am a newbie to PA firewalls but have some experience with JunOS firewalls. I like the "commit confirmed XX" command on JunOS because it will revert a change after XX minutes if for some reason I get locked out. A good example is when c

...

Resolved! QoS on Tagged VLAN Sub-interface

Hi there,

I try to implement QoS on Tagged VLAN sub-interface. Found some configuration on main interface but not sub-interface one.

Any suggestion? ^^

Thank you    

Amnuay by Not applicable
  • 9051 Views
  • 6 replies
  • 1 Likes

Resolved! BGP Graceful restart in an Active/Passive cluster?

All,

Quick query, we are in the process of implementing a HA cluster that will be BGP peering with several upstream routers, both route import and export, and in trying to reduce the interruption due to a failover we are looking to implement the Grac

...

PBF with NAT, how does it works?

Hi Guys

According to document , if there's destination NAT , there'll be second routing lookup to decide outbound zone & interface. But I'm very confused when there's routing and PBF together, In the second routing lookup, how does PBF rule work? Does

...

JTR by Not applicable
  • 10082 Views
  • 4 replies
  • 0 Likes

Secondary IP and DHCP

Greetings,

Say we have an interface that is configred the following way:

e1/2.240

Tag: 240

IPv4 Address (two addresses on the interface):

-10.10.100.1/24

-192.168.100.1/24

Now, if that interface is configured as a DHCP relay, which network is it going to se

...

mrsold by Not applicable
  • 9256 Views
  • 9 replies
  • 0 Likes

nslookup on the management port ?

I would like to check a few DNS issues I'm seeing on the management port.

I had hoped to find nslookup in the CLI, but it isn't there.

Is there something equivalent ?

Thanks.

DSTR by L0 Member
  • 30355 Views
  • 4 replies
  • 1 Likes

Shutting down/disabling subinterfaces

I am very new to the PANOS world so I will apologize in advance if this is obvious, however my search of documentation and knowledebase did not yield anything. I have been looking for a way to administratively shut down sub interfaces. Is this possib

...

scourge by Not applicable
  • 18527 Views
  • 11 replies
  • 0 Likes

Resolved! HOW TO CONFIGURE .1q - VLAN TRUNK

     Hi guys ,


I have a lots of doubts about how to configure .1q vlan TAG / TRUNK on PALO ALTO FIREWALL.

It`s possible to work with layer 3 interface ?
I don`t found any documents here.


Does anyone have something to help me.

Nbest Regards


THiago LIma.

Thiago by L3 Networker
  • 2920 Views
  • 2 replies
  • 0 Likes

Avaya 9611G/4610SW VPN to PA-500

Has anyone had success connecting Avaya IP phones via VPN to PA devices?  I am able to complete IKE Phase 1 authentication, but fail Phase 2 due to local/remote proxy IDs not found:

'IKE phase-2 negotiation failed when processing proxy ID. cannot fin

...

itmanager by L1 Bithead
  • 21879 Views
  • 22 replies
  • 0 Likes

Resolved! IPSEC Tunnel to ASA - PeerID issues

I am setting up an IPSec tunnel to an ASA. I am getting an error message about the PEERID type only allowing IP but received FQDN. Per the other KB article, I changed the PAN Exchange mode to Aggressive.

Now the PAN received a FQDN of the ASA side an

...

SDorsey by L4 Transporter
  • 5842 Views
  • 5 replies
  • 1 Likes

GlobalProtect client behind a proxy, configuration help

I am trying to establish an ssl vpn connection using the globalprotect client, but the client is behind a proxy using a configuration script.  I have tried calling paloalto support but they said their client is not proxy aware.  Does anyone know of s

...

bigtone by L1 Bithead
  • 17004 Views
  • 6 replies
  • 0 Likes
Labels