General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Refresh FQDN failed

Hi guys, I have a big problem.My PA failed in refresh fqdn task and now the PA can't resolve Fqdn object.My dns Setting are good and there is no drops between PA and DNS server. Any advices? Thank you!

Erez by L1 Bithead
  • 6666 Views
  • 6 replies
  • 0 Likes

Refresh FQDN failed

Hi guys, I have a big problem.My PA failed in refresh fqdn task and now the PA can't resolve Fqdn object.My dns Setting are good and there is no drops between PA and DNS server. Any advices? Thank you!

Erez by L1 Bithead
  • 2055 Views
  • 1 replies
  • 0 Likes

Users randomly getting captive portal?

We're running a regular User-ID agent against our DCs. 99% of the time things are fine but we're getting calls from random people that every so often they're suddenly getting prompted to authentiate by the captive portal on the PAN and we cannot understand why as they are connected to the network, typically wired, and are using domain resources ...

NAT sessions troubleshooting

Hi, is there a way to troubleshoot the NAT sessions in real time? i know i can use , for example: show session all filter nat-rule NATRULE to see if i am hitting the NAT rule, but i have to keep issuing the command to do that. Is there a similar thing to see it in real-time (i.e. the "follow" using the show system resources command). thanks

myrdin by L2 Linker
  • 2322 Views
  • 1 replies
  • 0 Likes

pa200 connect to dsl modem

I want to connect PA200 to a netcomm wireless modem. I haveseen config where dls modem and wireless router are separate. Need help with connecting PA200 to netcomm box.

Multi Critera Show Command

One problem I'm running into with the Palo cli is the ability to search the configuration for configuration matching on multiple criteria. For instance, I'd like to display output showing all disabled security policies that include a description.I can search for disabled policies (show | match "disabled yes") OR I can search for policies with d...

Port forward does nt seem to work

HI imagine this scenario: Internet 1.1.1.1 PA 2.2.2.1 ---- 2.2.2.2 ROUTER 3.3.3.0/24 network I am forwarding all packets received to 1.1.1.1 https to 2.2.2.2 https which then re-nat to 3.3.3.0/24 host With a stupid dlink 50$ router instead of the PA, everything works. I just forward https to 2.2.2.2 and it works. with the Palo, no way. In the ...

myrdin by L2 Linker
  • 2439 Views
  • 2 replies
  • 0 Likes

Palo Alto 200 Setup for home use

I have been given a PA200 to setup at home to get myself familiar with Palo Alto firewalls. I have a cable modem and wireless router that will need to be connected to the PA200. I have followed the instructions on this article to get it setup:https://live.paloaltonetworks.com/t5/Configuration-Articles/Setting-Up-the-PA-200-for-Home-and-Small-O...

Hmtreviz by L1 Bithead
  • 12732 Views
  • 21 replies
  • 0 Likes

Resolved! Dynamic IP ISP NAT

I'm trying to figure out how to NAT a single server and port to my external IP address if the outside interface from the ISP is dynamic. How do I translate it if I don't have a destination address?

Resolved! HA Firewall Transition into Panorama

Hi, I have a pair of PA-3020 in Active/passive in production that will need to be imported within Panorama 7.0.3. After importing each device config, does anybody knows what will happen while pushing from panorama the device configuration bundle to each firewall...will it break the HA ? Since panorama policy and objects, device and network temp...

Tool to help map out your PA configuration

I need to go through my PA and map out the security zones, NAT rules, and so on that have accumulated over the years and I need a tool to help me scrub through the configution and sort out what is going on. I heard there was a tool called Clikr or Clickr or something like that that is an open source tool that is supposed to help with this kind ...

RustyPA by L1 Bithead
  • 5401 Views
  • 4 replies
  • 0 Likes

Resolved! Possible to store foreign ssh key on the firewall (for key-based scp transfer)?

I want to be able to use scp from the firewall to transfer a config file to a remote server without entering a password. So I need to store the remote user's public ssh key in the equivalent of an authorized_keys file on the firewall. Is this possible? What I'm trying to do is schedule an automatic pull of the running-config.xml down to a server...

dsegel by L0 Member
  • 4142 Views
  • 2 replies
  • 0 Likes

Palo Alto as a DNS Server

I have a very small network without a DNS server and I'd like to if possible use a PA200 as a DNS server. I want to try to create static DNS entries for a few hosts on the PA, then point those hosts to the PA as their DNS server. Does this work? Any caveats?

RustyPA by L1 Bithead
  • 4824 Views
  • 3 replies
  • 0 Likes
  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels