General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Secondary ISP not able to ping from external.

I have two ISP connected to my firewall. 1. ISP1 is in untrust zone and default route configured metric value is 10. 2. ISP 2 is in WAN1 zone and default route metric value is 15. 3. Both ISP are in same virtual router. I am facing one issue: I cannot ping my ISP2 from external. My home public ip if i enter static route in the palo alto firewall i...

Resolved! Two Default gateways with different priority

Hi Guys, We have two ISP links (ISP1 and ISP2). We have defined two default gateways and set the ISP1 less priority so that all internal traffic will take ISP1. For example: 0.0.0.0/0 ethernet 1/1 next hop 76.45.146.22 admindistance 10 metric 1; 0.0.0.0/0 ethernet 1/2 next hop 89.54.54.56 admindistance 10 metric 2. In this scenario. We have published ...

irshad.n by L1 Bithead
  • 8430 Views
  • 5 replies
  • 1 Likes

PA440 Upgrade/Downgrade from 10.1.8 to 10.2.7-h3

Hi guys, I was trying to upgrade PA440 on my lab but it was failed. (10.1.8 -> 10.2.7-h3) The following message was output. == Operation Download Status Completed Result Failed Details Successfully downloaded Preloading into software manager Traceback (most recent call last): File "/usr/local/bin/swminternal", line 18, in <module> s...

configure ha in different locations

hi, I have 2 palo alto and I have them in different buildings and I want to set up an HA between them how can I do it without just pulling a direct cable I want it to go through the network infrastructure. Kind regards

Tunnel Interface IP Address Requirement

Hi everyone! I am a new learner for Palo Alto I want my Remote Network to reach my HQ Network via GP. I am kind of confused whether when I am going to use IP Address to my tunnel interfaces, either on IPSEC site to site or Globalprotect deployment. Some of the video guides uses IP while others don't. I know that IP Address on tunnel i...


FW specific rules from the Panorama shared policy

Hi All, Using Panorama (10.1.x) with a number of managed FWs we have a shared pre policy, parent pre policy and child policies with pre rules configured within. goal - in event of a security incident on a branch location we want to have a pre-defined deny rule in the parent pre-policy in place that we can just enable and push down to a specific F...

PA_nts by L4 Transporter
  • 1000 Views
  • 1 replies
  • 0 Likes

Replacing the FW serial number in Panorama with a new one

Hi, What is a reliable way to replace the FW serial number in Panorama? We had a problem uploading a new license because the FW serial number did not match. Palo Alto TAC solved the problem, but the serial numbers changed, which caused the FW to be disconnected from Panorama. What should be done to swap the serial numbers so that all rules...

root partition available space reducing

I have a VM-500, PANOS-10.2.8-h3. Root available space is decreasing and is now only 3%. I usually run below commands which sometimes can get me 1 or 2%. I have aggressive cleaning at 90% enabled. Why is creeping to 97% even with aggressive cleaning enabled. I have rebooted the fw (have seen reclaims some space after reboot) but didn't help. > d...

App-ID 'hotmail' false positive?

Hello, after our recent newsletter distribution, we now see lots of blocked App-ID 'hotmail' in traffic directed to our web servers. Those are requests to HTML resources (images) just referred to from Hotmail website, most likely Hotmail users reading their mails via web frontend. Though it is indeed related to Hotmail, I doubt it should really b...

gstrehl by L1 Bithead
  • 8606 Views
  • 11 replies
  • 0 Likes

AOL Mail

Hello, Has anyone been experiencing any issues with using AOL Mail through a PAN device since last week? I'm assuming AOL changed the behavior of their webmail site and now sections of the portal are not available - such as the inbox. Errors also pop up saying "we have encountered difficulties". However, outside the PAN device, the portal loads...

MGoodnow by L4 Transporter
  • 266497 Views
  • 15 replies
  • 0 Likes

SYSLOG Issue after upgrade

Hi Team, I just upgraded my PaloAlto to 11.1.3. After upgrade we faced issue that syslog received delay log. "debug log-receiver statistics"
Logging statistics
------------------------------ -----------
Log incoming rate: 448/sec
Log written rate: 467/sec
Corrupted packets: 0
Corrupted HTTP HDR packets: 0
Corrupted HTTP HDR Insert packets: 0
Co...

What encryption is my SSL connection using?

We're on 9.0.9 and want to turn on the feature allowing users to connect to GlobalProtect using SSL if there is a need. Is there anywhere in the Monitor tab you can look to find what encryption is used for a particular user's connection? I read this where it says, "The gateway responds to the request and selects the encryption and authentication ...

What's the difference between custom URL filtering in security policy and in URL filtering Security Profile?

Hello, Guys, I have one question. First below is the packet flow from "Packet Flow.pdf" document. According to this document ... In the red square, before PA make session table, it checks packet's ip and port (like the legacy L4 firewall), and then after the session created, it check Content, APP-ID. So I made this rule (URL Block). According to pack...

JTR by Not applicable
  • 15290 Views
  • 9 replies
  • 0 Likes

FQDN security policy

Our internal servers connect to a server on internet. There are existing FQDN based security policies. The destination FQDN resolves into multiple ip addresses. I am seeing few allows and denies for that particular destination URL on paloalto traffic logs. Users facing intermittent issues. It seems like firewall is querying for that destina...

P.Gandla by L0 Member
  • 2530 Views
  • 1 replies
  • 0 Likes