General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Query for routing table

Hello, everyone.

One query.

In Palo Alto Firewalls, what is the correct command in the CLI, to "validate" if I have or don't have a route, to reach a particular destination?

The correct command is "show routing route" or "show routing fib" ???

What i

...

Matlu_NN by L1 Bithead
  • 401 Views
  • 13 replies
  • 0 Likes

file blocking profile not working for SFTP

Hii

we are trying to access our internal storage using SFTP from internet. after applying file blocking profile we are able to access mentioned files but firewall not restrict the file. we found that file blocking is not happening.

 

Please advise ho

...

unknown command during SSH script

by testing a ssh skript i get an "unknown command" error from the CLI

 

user@host:~/> cat reset.sh ssh -t -t fw.domain.de << EOF set cli pager off show user ip-user-mapping all type CP debug user-id reset captive-portal ip-address 1.2.3.4 quit EOF ...

mhuels by L3 Networker
  • 82 Views
  • 0 replies
  • 0 Likes

Best practice for Active/Passive HA and OSPF

I configured Active/Passive HA in an environment where the firewalls connect to a core switch. There is an OSPF adjacency exists between the active Palo and the core switch. I'm curious what the best practice is for OSPF and HA. When tweaking the OSP

...

Resolved! IKEv2 tunnel does not restore after HA failover

I have an IKEv2 IPSec tunnel that does not automatically restore after an HA failover. Once the IKE-SA and IPSec-SA is manually cleared, the tunnel eventually restores. I have other IKEv2 tunnels that restore after several minutes with no interventio

...

Split-tunnel not working properly

Hi folks,

 

Our customer configured split-tunnel on VM to include only certain IP addresses and domains and want to exclude any other traffic, so exclude options are blank. It seems that some traffic is still routed through tunnel (f.e.Telegram, bitt

...

Requesting Clarity on XDR XQL API Logging

Hello Everyone, 

 

For one of the client, we need to fetch logs from XDR API using XQL. Currently, the ask is for windows event logs only, but later they want IIS logs as well. 

Any help in below queries would be appreciated:

 

1. There are two queri

...

Day 1 Configuration of PAN-410 model firewall

I created day 1 config file for my PA-410 model firewall and loaded the configuration. But while commiting Got below error:

"email-scheduler -> Possible Compromise -> report-group 'Possible Compromise' is not a valid reference
email-scheduler -> Possi

...

Sujanya by L3 Networker
  • 1002 Views
  • 5 replies
  • 0 Likes