This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4254 Views
  • 0 replies
  • 0 Likes

Resolved! Grouping security policies

Hello Experts Can we group the security policies like all AD related rules in one group. This functionality is there in Juniper NSM and checkpoint. I am wondering how I can achieve this in PA. May be through tags?

Minemeld - best way to backup and move config to new image

I am tring to move the /opt/minemeld/local/config directory to a new image of Minemeld I have running in AWS. I can scp the config directory out of my exisintg Minemeld using winscp but when I try to copy it into my new Mindmeld image it always aborts. It appears to be a permission issue but not sure how to around this. I am logged in via wi...

rschunk by L2 Linker
  • 7625 Views
  • 1 replies
  • 0 Likes

Resolved! Session Lookup for inter-virtual communication

Hello Experts I was just wondering how firewall session is created for inter-vr communication. I have scenario like this: Interface eth1/1 (Trust-VR) Trust Zone ---LAN (10.10.10.0/24)Interface eth1/2 (Untrust-VR) Untrust Zone ---INTERNET In Trust-VR, I have 0/0 default route towards Untrust-VR, I have created the security policy between Trust to...

Resolved! Asymmetric Routing and TCP syn check based on interface or zone?

Hello I have scenario like firewall is connected to two routers R1 and R2 through eth1/1 and eth1/2 interfaces respectively. From firewall, traffic is going through R1 via eth1/1 interface and return traffic is coming through R2 via eth1/2. This is asymmetric routing and firewall tcp syn check will fail. My question is that Palo Alto firewall c...

Can i prevent windows login bruteforce through palo alto?

Hello all, is palo alto is capable of detecting password bruteforce attempts on windows login, for example, if a user put the password wrong many times while he was trying to login to a machie inside a company, is palo alto capable of detecting this kind of activity, i am not talking about HTTP or SMB bruteforce, i am talking about kerberos auth...

Resolved! Dual ISP and returning traffic

Hi, this is the scenario: - ISP1 : only for GlobalProtect-ISP2 : only for Internet access ISP1 has distance 10 and metric 10ISP2 has distance 10 and metric 15 in this scenario the ISP1 interface responds to Global protect gateway/portal no problem. Also ISP2 pings, and i can access management through ISP2 public ip. If i change the metric to ISP...

myrdin by L2 Linker
  • 3631 Views
  • 2 replies
  • 0 Likes

Anyone using vwires consisting of a single interface on one side and a link aggregate on the other?

We've discovered what we consider a handy feature: creating a vwire with a single interface on one side and a LAG on the other side. This lets you connect a network device with no redundant network connection capabilities to a LAG on a pair of switches for redundancy. We are using this to connect a router and a remote access box to two switches ...

Resolved! URL Test site - Down?

http://urlfiltering.paloaltonetworks.com/testASite.aspxI am having issues getting to the test site.Are the servers down?

Resolved! VPN SSL Two factor authentication

Hi,i'm looking for a solution for VPN, that will support authentication in Active Directory and will support Two Factor authentication with OTP.I read that GlobalProtect can provide me all features.My questions:is there any Palo Alto native VPN client or WEB client only ?if there is native VPN client: - does it support Windows 10 and OS X 10.11 ...

Anahaym by L0 Member
  • 3631 Views
  • 3 replies
  • 0 Likes

Different DHCP Subnets on same Interface

Hello everyone, one of my customer has the following specific requirement. PA500 version 7.1.0Inside Interface IP: 10.0.1.1/24 Firewall should act as DHCP Server and assign IP Addresses in the following Scopes only via inside interface. Scope: LAN DevicesRange: 10.0.1.50-10.0.1.100 /24Gateway: 10.0.1.254 Scope: WAN DevicesRange: 10.0.25.50-10.0....

Two Subnets For Two Group Of People

Hi,Can one help me how to configure two groups of people that use GP as a VPN client?let say I have user 1-5 needs to access my inside firewall with subnet 192.168.1.0/24and I have users 6-10 needs to access my inside and couple of the IPsec tunnel to reach inside of other firewalls with subnet 192.168.2.0/24 Is there a way to do it by multipl...

PAN-DB cloud list loading failed

I've been getting alerts from all my PAN firewalls starting last night at 8:51pm EDT that they can't connect to the PAN cloud to update the PAN-DB URL database.Anyone else seeing the same or a similar issue?

  • 24362 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks