General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 419 Views
  • 0 replies
  • 2 Likes

Active Directory group naming scheme

Hi all,

I'd be interested to here is anyone has come up with interesting naming schemes for AD groups used within Palo Alto firewall policies.

I'm looking for inspiration as I'm looking to come up with a logical scheme on our end.

 

Cheers.

Local admin account locked

I have a cluster of two Panorama systems.  When I try the local admin account on the primary-active node the system generates a log entry saying that 'failed authentication for user admin.  Reason: User is in locked users list.  The same account name

...

birish by L0 Member
  • 9901 Views
  • 1 replies
  • 0 Likes

Resolved! test custom-url command with Panorama deployed rules.

I'm trying to test a few urls in a custom url category I have deployed on my FW, but am unable to get to work.  All my rules/objects are pushed out via Panorama and it seems as though the command only allows you to test locally defined rules (i get a

...

chrisp by L3 Networker
  • 4098 Views
  • 5 replies
  • 0 Likes

SSL Inbound Inspection


Hi,

I have setup a decryption policy to decrypt inbound SSL traffic for the Exchange web mail server. However, when I check the logs I see only some traffic as decrypted and some arnn't. Refer below screenshots,

Why isn't the policy not decrypting all

...

Shayan by L1 Bithead
  • 5744 Views
  • 6 replies
  • 0 Likes

GlobalProtect with X-Auth split tunnelling

Hi guys,

I'm working on a GP portal and gateway configuration, in order to provide to the customer full compatibility with the old vpn clients (ex: cisco) I enabled X-Auth support on it.

 

The client with a third party software authenticates but it alwa

...

Resolved! Problem with access to WF-500 Appliance

Hello,

 

I try to access to the WF-500 via the Mgmt interface but I found the error message in the attachement.

 

What is the reason of this issue ? what should i do to resolve this problem?

 

I will appreciate all your helps.

wildfire.JPG
RCHAIBI by L2 Linker
  • 3352 Views
  • 5 replies
  • 0 Likes

Resolved! RFC 3021

Does the firewall support RFC 3021 IP Space aka 255.255.255.254 mask on routed point to point interfaces?

Thanks,

Ray.

rholman by Not applicable
  • 5937 Views
  • 5 replies
  • 1 Likes

Hot fixes for 7.0.8

Hello,

 

There are two hotfixes released for 7.0.8.  Anyone from PAN TAC can share the detail about what got fixed?

 

Thanks,

 

~E

IPSec VPN issue between Palo and MS Azure

Hi Guys,

 

Having problems with a site2site VPN connection on a palo alto firewall. It seems to randomly drop and stop working. Sometimes it will stay up for days then drop and other times it stays up for about an hour and then drop. I have followed va

...

VPN logs.png

Default Ping Size

 

Is there a way to change the default ping size from 56 bytes? I know there is a switch to change the size but I'm interested in knowing if the default can be changed.

RFalconer by L3 Networker
  • 2139 Views
  • 2 replies
  • 0 Likes

FreeIPA [LDAP] group integration

Hello, anybody has experience with user group integration with FreeIPA ldap server?

I have tried many different settings with no success. With some settings i can see groups but they seems to be empty.

show user group list  - shows proper groups, but

sh

...

  • 23695 Posts
  • 110 Subscriptions
Top Solution Authors
Labels