General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 358 Views
  • 0 replies
  • 0 Likes

Web page issues between F5 and PA

After migrating from an ASA to PA3020, users reported that web pages were not fully loading.  The issue was seen on the ASA but rarely.  The PA3020 has been showing this issue more often than not resulting in a work around being done on the webpage. 

...

RRAPP by L1 Bithead
  • 4057 Views
  • 5 replies
  • 0 Likes

Really good tool!

Hi,

This is an really good tool for managing dynamic lists.
So far I have tested a basic setup and I have a few comments/suggestions.

 

* How do I change the ssl certificate for MineMeld.

* Will you also implement domain blocklists soons (currently runnin

...

Resolved! VMware ESXi 6.0 and PA VMs

Is VMware ESXi with vSphere 6.0 supported?

The technical documentation for the 6.1 virtual appliances states: "VMware ESXi with vSphere 5.0, 5.1, and 5.5 for VM-Series running PAN-OS 6.1."

And the 7.0 documentation states: "VMware ESXi with vSphere 5.1

...

Resolved! OSPF pocket in an EIGRP network

I am putting a PA firewall in our datacenter and am looking to have the firewall advertise the protected subnets out to the rest of the network.  However, the rest of the network uses EIGRP, so the datacenter switch and the PA firewall will need to b

...

pa-ospf-eigrp.png
DMast by L2 Linker
  • 2695 Views
  • 2 replies
  • 0 Likes

Resolved! Policies >> Security

Unsure quite how to phrase my question. Under Policies >> Security:

 

I have a Rule way at the top for McAfee ePO; tcp; port 8443.

Settings that I have set are:

 Source Zone: Trust     Source: IP address for a specific internal host 

 Destination Zone: Un

...

Some Users not Mapping in User-ID

Hi All,

I'm currently experiencing some issues with user-id mapping. Some users are not being mapped to IP addresses.

 

Current setup: I have 3 domain controllers - all have Service Accounts with correct privileges. They are also showing as 'Connecte

...

Bocsa by L3 Networker
  • 9841 Views
  • 9 replies
  • 0 Likes

Resolved! Applications On Non-Standard Ports

It's perfectly possible I'm being unusually dumb here, but I can't see an elegant way of allowing application usage on non-standard ports - for example ssh on tcp/32777. The obvious way of doing it is to allow a rule that allows appid:ssh on service:

...

visualize custom regions on traffic/threat map

Is it possilbe to show custom regions with gps coordinations on the threat/traffic map with the correct gps coordinates?

 

We have set custom regions for departments with private subnets and gps coordinations.

In the traffic or threat map we can only se

...

PaloMap.jpg
PaloRegions.jpg

NAT question when migrating config.

Converting config from Nortel Connectivty switch to PA200.

3 interfaces

untrust - public ip - 202.3.41.0/28

trust:private ip - 10.10.10.0/24.

dmz-203.4.42.96/28

 

There is one to one mapping of few untrust ip to trust ips( to access trust ips from ou

...

Moving a VSYS from one PA device to another

Hello

Question here , how can we move a VSYS from one device to another ? please note that in this scenario we cannot backup everything a restore on target since target is running other things that need to be running .

Any ideas ? what are important th

...

  • 23834 Posts
  • 112 Subscriptions
Top Liked Authors
Labels