General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! Manual failback for PBF

Is there a way to force PBF rules to have to be manually failved back? As it is now, if our primary ISP fails, we failover to a secondary ISP using PBF. However, once the primary is back up, things fail back to it immediately. We would like to preven

...

cburke by L1 Bithead
  • 5223 Views
  • 9 replies
  • 0 Likes

Losing group mappings suddenly

Hi, 

 

We have a PA3020 with PanOS 6.1.10. We are having problem with any groups, suddenly the Palo Alto loses group mappings in 2 groups and the rule stops matching, we dont know why PA stops identifying the groups.

 

I have checked the useridd.log

...

Aggregate Ethernet Considerations

Hello Everyone, 

 

I just want to double check my understanding of AE interfaces limitations indicated below. Appreciate your feedback.

 

1. I cannot mix 1G copper interfaces with 1G fiber interfaces in the same AE. Is this correct for all platforms

...

PCoIP traffic getting dropped because it's using SSL

I have VMWare View clients and I'm trying to set up the rule with the vmware-view App-ID, but the traffic gets dropped at PCoIP. The PA logs are showing tcp/4172 as SSL, even though PCoIP has port tcp/4172 defined.

 

 

Is this an issue with the App-I

...

Maxstr by L3 Networker
  • 7713 Views
  • 13 replies
  • 0 Likes

Globalprotect and simple SSL VPN?

It appears that, after a user has authenticated to a Globalprotect portal for the first time, they are prompted to download and install client software. Does Globalprotect (or Palo Alto in general) provide the option of simple client SSL VPN? ie; whe

...

Upgrade 6.1.x to 7.0.x

In the release notes of 7.0.5-h2 there is now this information:

 

Before you upgrade to PAN-OS 7.0.3 or a later PAN-OS 7.0 release, you should review the information about how to upgrade
a firewall to PAN-OS 7.0. Additionally, if virtual system (vsys)

...

Anon1 by L4 Transporter
  • 7293 Views
  • 10 replies
  • 0 Likes

Bug in password-string when using GlobalProtect with LDAP?

We had some users, who were not able to use VPN. they alway got XML parse-errors in the GlobalProtect Agent log.

 

We finaly found out, that this users had '<' or '>' in theire passwords. when thy changed theire passwords in some string without these

...

inheco by L0 Member
  • 2209 Views
  • 2 replies
  • 2 Likes

PA-VM Update Check Fails

We have recently deployed PA-VM to ESXi for testing and we have found that any attempt to upgrade the unit fails with a very vague message.

 

cfg.platform.serial': NO_MATCHES 'cfg.general.vm-mode-type': NO_MATCHES 2016-03-10 09:14:42.447 -0800 updater ...

xandout by L1 Bithead
  • 8817 Views
  • 10 replies
  • 0 Likes

7.0.3 upgrade

I am planning on upgrading the PA 5050 os from 6.1.7 to 7.0.3. I have been reading over the changes and I think it would be beneficial to see examples instead of description of what changes are , anyone have any recommendations

jdprovine by L4 Transporter
  • 11321 Views
  • 27 replies
  • 0 Likes
  • 23591 Posts
  • 103 Subscriptions
Top Solution Authors
Top Liked Authors
Labels