General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question. Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

JayGolf_0-1691518400714.jpeg
JayGolf by Community Team Member
  • 2953 Views
  • 2 replies
  • 14 Likes

Experiences with PAN-OS 6.1.8 ...

Hi all

 

Does anyone already have installed 6.1.8 and tested? Are there any new issues?

What I can tell so far is ...

... some sites with supported ciphersuites and TLS versions which did not work in 6.1.7 are working now

... websites with ECDHE/DHE

...

Remo by L7 Applicator
  • 2383 Views
  • 4 replies
  • 0 Likes

Site-to-Site VPN with Dynamic Peer IP address not forming

In this set up, I'm trying to configure a site-to-site VPN between a PA and a Cisco 3G router (whose IP address will be dynamic). I'm unable to get the tunnel working. When I run the command 'show vpn ike-sa gateway <gatewayname>', I get no informati

...

Bocsa by L3 Networker
  • 3794 Views
  • 7 replies
  • 0 Likes

Disabled policy rules

Hi,

 

Under monitoring , still disabled policy rules matching to some some session .
And the session status are most of them 'incomplete' .
Why ?
Thanks

sib2017 by L4 Transporter
  • 1655 Views
  • 3 replies
  • 0 Likes

Resolved! DNS traffic allowed for one server but dropped for another

I have a perplexing problem with allowing DNS traffic from internal to the internet on our new PA-3020 running 7.0.3.

 

We have 2 DNS servers in our datacentre on the same subnet that perform queries to a couple of external DNS servers provided by ou

...

mitre10 by L0 Member
  • 3903 Views
  • 1 replies
  • 0 Likes

What Dynamic block lists do others use?

Hi there,

 

I have recently started wanting to setup using some Dynamic block lists in my PA box. I just wondered if others use these and if so, which sites do they use?

 

I was inially looking at using these 2.

 

www.spamhaus.org

 

www.openbl.org

 

...

JRussell by L3 Networker
  • 2283 Views
  • 2 replies
  • 0 Likes

Resolved! Disabling Direct Access To Local Networks - GP VPN

Hi,

 

I was wondering whether someone can provide me clarification on this feature.

 

Palo states 

"You can now disable direct access to local networks so that users cannot send traffic to proxies or local resources while connected to a GlobalProtect

...

indysogi by L2 Linker
  • 2874 Views
  • 2 replies
  • 0 Likes

Resolved! Authentication user (UserID agent) problems

Hi, user registered sometime in UserID-Agent and sometime they dont, randomly...We have installe another UserID agent but the result its the same.

 

we run show user ip-user-mapping all and we dont see any user, but if we run show user ip-user-mappin

...

Issue creating IPSec VPN using loopback

Hey guys,

 

Looking for some assistance on getting a strange issue resolved. I've got a site-to-site VPN set up for a connection to AWS for one of our customers. I've created two loopbacks, loopback.5 and loopback.6, on the outside zone that fall in

...

Resolved! Egress/Ingress difference for QoS

Hi Everyone,

 

My internal network (trust zone) operates at 1Gb speeds and the connectivity with ISP (untrust) is at 100Mb. I am in the process of setting up SIP QoS but am a little confused as to how I should manage the inconsistences between the IS

...

max session count in a month

Hi All,

          I want to find maxmimum session count reached in the past month. Now the PA device is not live, so i cannot find the current/live session count from the dashboard.

 

Under monitor > App Scope > network monitor i can get the traffice

...

session count for 30days.jpg
Gururaj by L4 Transporter
  • 7086 Views
  • 4 replies
  • 1 Likes
  • 24035 Posts
  • 99 Subscriptions
Top Solution Authors
Top Liked Authors