General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 234 Views
  • 0 replies
  • 0 Likes

Resolved! ping between server is not working

Hi,

 

I have created a rule to allow ping between to and fro from servers below is the scenario

 

source zone: A, B, C

Source IP: 1 , 2 , 3

Destination zone: A, B, C

Destination IP: 1, 2, 3

Application: Ping

Service: application-default

action: Allow

...

PA-200 - Passing traffic through multiple ISP links

 

 

 

 

I have a Palo Alto PA-200 and the setup I'm trying to configure is as below.

 

 

 

 

 

  • I'm using "Fiber1" and "Fiber2" for Internet purpose. These 2 links are connected to firewall via a trunk port.
  • The ADSL links and the "LankaCom" link in the right ar
...

Internal Network1.jpg

Resolved! Unable to Create Encryption Setting

Hello Community,

 

Can someone please tell me why when ever I try create an Encryption setting aes256, as shown in the image, it defaults to aes-128-cbc

 

I'm run PA-VM software version 7.0.6

 

Thank you

 

Carlton

aes256.png
aes128cbc.png

Getting Started: Layer 2 Interfaces

I have installed a VM-100 and was able to configure the management interface. When I go under the network tab all interfaces are showing as down. How do I get an interface to go into an up state?

 

 

Resolved! Google QUIC traffic blocked?

We're getting a lot of blocked traffic on UDP port 80 and 443. From looking into it this is Google's new QUIC protocol over Chrome.

What is everyone else doing in this case? I'd prefer not to allow all UDP traffic over port 80 & 443. Any chance off a

...

pmc by L2 Linker
  • 8373 Views
  • 5 replies
  • 1 Likes

Unexpected proxy ARP from NAT policy

Hi there,

 

I had an interesting go round with PAN support involving proxy ARP and source NAT.   Background: I don’t use the PAN for public ingress/egress traffic, for me it is for internal DMZs only.  As such, I’ve not had the opportunity to utilize

...

msullivan by L3 Networker
  • 4208 Views
  • 2 replies
  • 2 Likes

Licensing Costs

Hello Community,

 

Can someone give me a general guide as to license costs. For example, if I wanted purchase, URL Filtering license or Antivirus or Anti-spyware license for a year, how much would that cost me as an individual as opposed to a corpora

...

Resolved! Anti-virus Block Option Not Available

Hello Community,

 

I would like to set an Antivirus action to 'Block', but for some reason that option isn't available, see image. However, it has been available on my other PA-VM. Can someone explain why I can't see that option here?

 

block.png

GP client doesn't populate the gateway after installing

When users download the GP client from my portal and install it, the gateway field is blank. I've configured the gateway in the Globalprotect Portal>Agent Configuration>Gateways. 

 

Is there a way to have the gateway information pre-filled? 

Maxstr by L3 Networker
  • 1907 Views
  • 3 replies
  • 0 Likes

Timeout while waiting for response from agent.

Hi All,

 

We are using kaseya for monitoring palo alto firewall it was working fine month back but suddenly it stopped and we are getting "Timeout while waiting for response from agent." for all the montors we set up for the 

 

anyboady know the solu

...

IPSec traffic being treated as "ciscovpn" applicatoin

Hi,

 

Having an issue with IPSec tunnels. Sometimes (not all the time), phase 1 can't be established because IKE traffic is being treated as "ciscovpn" instead of ike and being discarded. Once I clear the session, the next session establishes correctly

...

allarm by L0 Member
  • 4534 Views
  • 10 replies
  • 0 Likes

Resolved! Ageout

Hi all,

 

I was able to ping external server from firewall and getting reply back from the server without any issues, however in firewall log it's showing aged out.

 

Anybody know the reason behind this?why we are getting agedout after proper respons

...

  • 23622 Posts
  • 107 Subscriptions
Labels