General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 547 Views
  • 0 replies
  • 2 Likes

Resolved! Is it possible to write a rule matching any IP ending in .xx

Hi all,

I have a question, is it possible to write a rule that matches only a part of the IP address? For example match any IP ending in .51? Using wildcards this would be  *.*.*.51


Put another way, i would like to match all IP's that are x.x.x.51 wher

...

Saqib by Not applicable
  • 5824 Views
  • 8 replies
  • 0 Likes

Resolved! updates.paloaltonetworks.com connectivity

hi all,

we have been trying to test our networks connectivity

to updates.paloaltonetworks.com and have been unsuccessful.

we tried ping to updates but it fails and also traceroute it also fails.

and when we tried from different networks all the coonectiv

...

Resolved! IPSec Transport Mode

I cannot find a way to configure the IPSec tunnel encapsulation to use Transport Mode versus Tunnel Mode in either the GUI or CLI ... anyone have insight into this?

aragone by Not applicable
  • 5184 Views
  • 4 replies
  • 0 Likes

Resolved! BGP "Router ID" and multiple peers

What exactly is the "Router ID" field used for in the BGP tab of Virtual Router configuration?

I ask because I'm planning on announcing a /24 to two different ISPs/peers, and each ISP has its own /30 for the transit segment.  So, if I make the router

...

bradenmcg by L3 Networker
  • 25638 Views
  • 14 replies
  • 0 Likes

Resolved! Two ISP connections - one primary / one guest network

Hello,

Today we have one interface designated as a WAN interface that manages our IPsec tunnels, GP Portal/Gateway, NAT for Websites, and business web browsing and needs.  We have a second internet connection that we use for a guest network that goes

...

cmateam by L3 Networker
  • 9474 Views
  • 8 replies
  • 0 Likes

Resolved! DSCP TAGING

Hi

could you confirm me, if the tagging DSCP is not flushed via the Palo Alto.

I need to use an avaya VOIP solution and a dscp tag 46 is added to the packet.

thank's

Gregoux by L4 Transporter
  • 7771 Views
  • 4 replies
  • 0 Likes

How to allow access to OWA to selected external users?

Hello everyone,

I was hoping to get couple ideas on the problem that we currently have and cannot give a solution yet.

About a year ago we were able to migrate our old firewalls infrastructure to PAN.

We had 1 firewall facing internet(Sidewinder) - basi

...

Resolved! Transparent IP Mode Splice L3 Subnet possible?

I have a client that is currently using Sonicwall and wants to migrate to Palo Alto.  

Sonicwall supports Transparent IP Mode (Splice L3 Subnet) that basically can bridge the WAN subnet onto the DMZ interface.

Let say for example,

WAN Interface - 100.1

...

PA3020 fans always running at 100% speed?

First thing I noticed when I plugged this in was that it's very loud. Normally a device spins down the fans when it's at a cool temperature (which is pretty much all servers and appliances from the last 10 years).

So is there any way to change the fan

...

Maxstr by L3 Networker
  • 8694 Views
  • 9 replies
  • 0 Likes

Kerberos SSO PAN-OS 7.0.1

Hello,

at the moment I'm trying to set up a SSO Auth with the Admin Web Interface (and Captive Portal). I set it up like the documentation of PAN-OS 7.0 told me. I tried different Crypto types but all with the same error.

1. Log in to the KDC and open

...

Resolved! NAT Issue

Hi Friends,

I have 2 server hosted in lan zone and one public ip . i have configure the NAT for 1 server from outside from port 80 and its working fine. but i want access the other server from lan with public ip from port 80 but its not working showin

...

Satish by L4 Transporter
  • 6642 Views
  • 3 replies
  • 0 Likes

VM-Series firewall on VirtualBox

Hi,

I know that VM-Series firewall requires VMware ESXi running vSphere 4.1 or 5.0.

But I don't have VMware right now on my laptop and only I have is Oracle VirtualBox 4.2.6 - just for tests and presentations (not for commercial purpose)

On VirtualBox I

...

Labels