General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Minemeld - best way to backup and move config to new image

I am tring to move the /opt/minemeld/local/config directory to a new image of Minemeld I have running in AWS. I can scp the config directory out of my exisintg Minemeld using winscp but when I try to copy it into my new Mindmeld image it always aborts. It appears to be a permission issue but not sure how to around this. I am logged in via wi...

rschunk by L2 Linker
  • 7668 Views
  • 1 replies
  • 0 Likes

Resolved! Session Lookup for inter-virtual communication

Hello Experts I was just wondering how firewall session is created for inter-vr communication. I have scenario like this: Interface eth1/1 (Trust-VR) Trust Zone ---LAN (10.10.10.0/24)Interface eth1/2 (Untrust-VR) Untrust Zone ---INTERNET In Trust-VR, I have 0/0 default route towards Untrust-VR, I have created the security policy between Trust to...

Resolved! Asymmetric Routing and TCP syn check based on interface or zone?

Hello I have scenario like firewall is connected to two routers R1 and R2 through eth1/1 and eth1/2 interfaces respectively. From firewall, traffic is going through R1 via eth1/1 interface and return traffic is coming through R2 via eth1/2. This is asymmetric routing and firewall tcp syn check will fail. My question is that Palo Alto firewall c...

Can i prevent windows login bruteforce through palo alto?

Hello all, is palo alto is capable of detecting password bruteforce attempts on windows login, for example, if a user put the password wrong many times while he was trying to login to a machie inside a company, is palo alto capable of detecting this kind of activity, i am not talking about HTTP or SMB bruteforce, i am talking about kerberos auth...

Resolved! Dual ISP and returning traffic

Hi, this is the scenario: - ISP1 : only for GlobalProtect-ISP2 : only for Internet access ISP1 has distance 10 and metric 10ISP2 has distance 10 and metric 15 in this scenario the ISP1 interface responds to Global protect gateway/portal no problem. Also ISP2 pings, and i can access management through ISP2 public ip. If i change the metric to ISP...

myrdin by L2 Linker
  • 3721 Views
  • 2 replies
  • 0 Likes

Anyone using vwires consisting of a single interface on one side and a link aggregate on the other?

We've discovered what we consider a handy feature: creating a vwire with a single interface on one side and a LAG on the other side. This lets you connect a network device with no redundant network connection capabilities to a LAG on a pair of switches for redundancy. We are using this to connect a router and a remote access box to two switches ...

Resolved! URL Test site - Down?

http://urlfiltering.paloaltonetworks.com/testASite.aspxI am having issues getting to the test site.Are the servers down?

Resolved! VPN SSL Two factor authentication

Hi,i'm looking for a solution for VPN, that will support authentication in Active Directory and will support Two Factor authentication with OTP.I read that GlobalProtect can provide me all features.My questions:is there any Palo Alto native VPN client or WEB client only ?if there is native VPN client: - does it support Windows 10 and OS X 10.11 ...

Anahaym by L0 Member
  • 3704 Views
  • 3 replies
  • 0 Likes

Different DHCP Subnets on same Interface

Hello everyone, one of my customer has the following specific requirement. PA500 version 7.1.0Inside Interface IP: 10.0.1.1/24 Firewall should act as DHCP Server and assign IP Addresses in the following Scopes only via inside interface. Scope: LAN DevicesRange: 10.0.1.50-10.0.1.100 /24Gateway: 10.0.1.254 Scope: WAN DevicesRange: 10.0.25.50-10.0....

Two Subnets For Two Group Of People

Hi,Can one help me how to configure two groups of people that use GP as a VPN client?let say I have user 1-5 needs to access my inside firewall with subnet 192.168.1.0/24and I have users 6-10 needs to access my inside and couple of the IPsec tunnel to reach inside of other firewalls with subnet 192.168.2.0/24 Is there a way to do it by multipl...

PAN-DB cloud list loading failed

I've been getting alerts from all my PAN firewalls starting last night at 8:51pm EDT that they can't connect to the PAN cloud to update the PAN-DB URL database.Anyone else seeing the same or a similar issue?

Issue when loading from AWS Marketplace Palo Alto VM-Series

Hi, When loading the AMI from AWS Marketplace, I get the following error when the machine tries to boot: Enter 'maint' for boot menu.Booting PANOS (sysroot0) after 5 seconds...Booting 'PANOS (sysroot0)' root (hd0,1) Filesystem type is ext2fs, partition type 0x83kernel /boot/vmlinuz ro root=/dev/sda2 init=/sbin/init_single_core console=ttyS 0,960...

  • 24403 Posts
  • 123 Subscriptions
Top Solution Authors
Labels