General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Discussions

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 377 Views
  • 0 replies
  • 0 Likes

SSL-VPN on Mac can't route traffic after sleep

On many of our Mac clients that are using SSL-VPN, if they are connected to the VPN and they close their Mac's (putting it to sleep), when the mac's are awoken, they can't route any traffic. 

The only cure seems to be:

sudo route -n flush

Is there any

...

Lookout by Not applicable
  • 2072 Views
  • 1 replies
  • 0 Likes

DHCP duplicate addresses

PA-500, PANOS 4.0.5, DHCP set to "auto", lease time all zeros, one IP pool (192.168.2.2-192.168.2.126) .

Recently I noticed that I was getting duplicate IP messages from Windows computers on my network. I found that certain devices were geting the sam

...

rclary by L1 Bithead
  • 4304 Views
  • 4 replies
  • 1 Likes

SSL VPN users unable to access the internet though Palo

Hi

     I have setup SSL VPN and its been in use for a few weeks without any issue with the exception of one minor annoyance.

I have been unable to get the SSL VPN users to be able to see the internet when connected.

1) The access route is set to 0.0.0

...

HA Active Active Setup

Hello,

We have two PAN-2020 appliance running with 4.0.5 and setup for active/standby HA. We would like to change our HA setup to active/active instead of active/standby. In our existing setup we have two interfaces configured for virtual wire and on

...

ahmedf by Not applicable
  • 2837 Views
  • 1 replies
  • 0 Likes

PBF config works wonderful, except

We have two ISP links and have PBF configured. Our main Internet connection went down on the DS3 side of the next hop router at 3AM. The ethernet interface that we connect to never went down. I had to manually disconnect the ethernet interface on the

...

Is there a limit on the icmp pakets size?

Hello,

We try to make ping throw a PAN-4020 device, whene we try with a 1023 byte pakets it works, but wehen we try with a 1024 byte pakets this is rejected by the PAN. Is there any limit on the icmp paket size?

Also, whene we activate the jumbo frame

...

asia by L3 Networker
  • 2390 Views
  • 1 replies
  • 0 Likes

MAC Destination Problem (4.0.4)

We have a new pair of PA-2050 (HA).

The last two weeks works fine with 4.0.1 but last Thursday I upgraded them to 4.0.4 and two of our networks had problems to go trought the firewalls.

I saw in the traffic monitor that the rules were ok and that traff

...

Arp issues with L2 failover

Hi guys,

We have a new PAN insatllation with a requirement for resilient links to two Cisco core switches running HSRP.

We have configured the 2 interfaces on the PAN as L2 interfaces and assigned a VLAN which acts as the layer 3 IP. (see diag attached

...

rds by L2 Linker
  • 7304 Views
  • 5 replies
  • 0 Likes

Help setting up a return route

Hi,

I am in the process of migrating internet connections, at the moment we have a PA-500 with 3 active internet connections, traffic is routed between different connections using policy routing. This is fine for outbound traffic, however inbound does

...

andyyps by Not applicable
  • 4344 Views
  • 5 replies
  • 0 Likes

Multiple Internet inputs and a PA 500...

hello and thanks in advance for any help.

I have a PA500 with the following interfaces active:

1 External Internet (1/1)

1 External internet (coming) (1/3)

1 Internal(1/2)

1 WiFi (1/4)

1 for DMZ (1/6)

1 for PCI (1/8)

I'm in the process of getting a second in

...

u7483 by Not applicable
  • 2135 Views
  • 1 replies
  • 0 Likes

Routing by source address

Hi at all.

Actually I am migrating from a Juniper to a PAN 500, the juniper firewall has some routes based in the source address. The reason for this routes is the following, The HQ has running an ERP (SAP) in 3 servers and the conection from the remo

...

Labels