General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Automatically generate a network diagram for auditors

There is such rich data stored in this tool, is there way to generate a network diagram?

I need to have up-to-date network diagrams for SOX and PCI audit every year.  It would be awesome to have a diagram generated that I could review/update and then

...

WJLennon by L0 Member
  • 1679 Views
  • 3 replies
  • 1 Likes

Agentless USER-ID timeout

Hello,

 

We have USER-ID setup to get our wifi logs and that is working well for most of our devices however we have an issue where the iPads will initally get a connection but then after timeout period set in User Identification Timeout they remain

...

GP users stop working each 30 minutes

We currently have version 6.1.4-711 of Global Protect deployed for the establishment of VPN sessions for teleworking users against our perimeter PAN FW. Panos is 10.2.8-h3

We have a group of users (a small part of the total) to whom Global Protect in

...

BigPalo by L4 Transporter
  • 195 Views
  • 3 replies
  • 0 Likes

Disable and re-enable the 2FA for GP VPN connections

Dear community,

What is the best way to  temporarily deactivate 2FA authentication for Global Protect VPN SSL connections and enable authentication solely via LDAP server by entering the username and password, we aim to seamlessly reinstate the 2FA a

...

TammamA by L0 Member
  • 190 Views
  • 1 replies
  • 0 Likes

Unable to find the reason for packet drop

Hello,

 

In our Palo Alto the traffic is allowed on the firewall but it is not working. When we did packet capture we found that return traffic in drop stage. To find the cause of the packet drop I have set the filter using 'Manage Filters' in GUI th

...

Slow GlobalProtect on PA-1410

Trying to see what might be going on with our PA-1410 after we upgraded to 11.0.2-h4 from 11.0.2-h1. We have tons of tickets for slow GP connections since that upgrade a few weeks back. We have a 1gb link and average usage is <100mb.

 

Users will co

...

PA-3410 Refer Latest Version and Upgrade Path

Hi Guy,

I am using PA-3410 PAN-OS version 10.2.8-h3, I want to upgrade the firewall to the latest reference version. Thanks to the team, please help me refer to the latest version of the current device and the upgrade path.

nhutvt2 by L1 Bithead
  • 565 Views
  • 10 replies
  • 0 Likes

Github over 443? How do I allow on specific policy?

We have a specific rule to allow github based on PAN EDL of github v4/v6 addresses.  Git works over port 22 but not over 443 with the policy below.  I want to allow git over 443 on the policy below but not clear on the best way to do it.   Do I need

...

drewdown_0-1716298330250.png
drewdown by L4 Transporter
  • 176 Views
  • 2 replies
  • 0 Likes

Moving BGP from Juniper router to PA 5410

Hello,

 

I'm planning to remove some older Juniper MX routers from the network edge and move the BGP peer configuration to an Active/Passive pair of 5410s.  There are two ISPs.  For now I'm just hoping to replicate the Juniper setup on the PAs.  Righ

...

  • 24292 Posts
  • 99 Subscriptions
Top Solution Authors
Top Liked Authors
Labels