This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 410 Views
  • 0 replies
  • 2 Likes

Site-to-Site VPN with Dynamic Peer IP address not forming

In this set up, I'm trying to configure a site-to-site VPN between a PA and a Cisco 3G router (whose IP address will be dynamic). I'm unable to get the tunnel working. When I run the command 'show vpn ike-sa gateway <gatewayname>', I get no informati

...

Bocsa by L3 Networker
  • 4758 Views
  • 7 replies
  • 0 Likes

Disabled policy rules

Hi,

 

Under monitoring , still disabled policy rules matching to some some session .
And the session status are most of them 'incomplete' .
Why ?
Thanks

sib2017 by L4 Transporter
  • 1920 Views
  • 3 replies
  • 0 Likes

Resolved! DNS traffic allowed for one server but dropped for another

I have a perplexing problem with allowing DNS traffic from internal to the internet on our new PA-3020 running 7.0.3.

 

We have 2 DNS servers in our datacentre on the same subnet that perform queries to a couple of external DNS servers provided by ou

...

Mitre10 by L0 Member
  • 4529 Views
  • 1 replies
  • 0 Likes

What Dynamic block lists do others use?

Hi there,

 

I have recently started wanting to setup using some Dynamic block lists in my PA box. I just wondered if others use these and if so, which sites do they use?

 

I was inially looking at using these 2.

 

www.spamhaus.org

 

www.openbl.org

 

...

JRussell by L3 Networker
  • 2512 Views
  • 2 replies
  • 0 Likes

Resolved! Disabling Direct Access To Local Networks - GP VPN

Hi,

 

I was wondering whether someone can provide me clarification on this feature.

 

Palo states 

"You can now disable direct access to local networks so that users cannot send traffic to proxies or local resources while connected to a GlobalProtect

...

indysogi by L2 Linker
  • 3337 Views
  • 2 replies
  • 0 Likes

Resolved! Authentication user (UserID agent) problems

Hi, user registered sometime in UserID-Agent and sometime they dont, randomly...We have installe another UserID agent but the result its the same.

 

we run show user ip-user-mapping all and we dont see any user, but if we run show user ip-user-mappin

...

Issue creating IPSec VPN using loopback

Hey guys,

 

Looking for some assistance on getting a strange issue resolved. I've got a site-to-site VPN set up for a connection to AWS for one of our customers. I've created two loopbacks, loopback.5 and loopback.6, on the outside zone that fall in

...

Resolved! Egress/Ingress difference for QoS

Hi Everyone,

 

My internal network (trust zone) operates at 1Gb speeds and the connectivity with ISP (untrust) is at 100Mb. I am in the process of setting up SIP QoS but am a little confused as to how I should manage the inconsistences between the IS

...

max session count in a month

Hi All,

          I want to find maxmimum session count reached in the past month. Now the PA device is not live, so i cannot find the current/live session count from the dashboard.

 

Under monitor > App Scope > network monitor i can get the traffice

...

session count for 30days.jpg
Gururaj by L4 Transporter
  • 8387 Views
  • 4 replies
  • 1 Likes

Resolved! PBR/NAT mechanics

Good morning everyone,

 

I have a weird issue that I think is related to how PBR or NAT works and/or something we need to program differently on our Palo Alto. I’ll try to explain our setup and the issue that occurred.

 

We have our main circuit that

...

ClintL by L2 Linker
  • 3254 Views
  • 2 replies
  • 0 Likes

VPN Global Protect certificate error

Hello,

I have a big problem with self signed certificate in my PAN. I use GP 2.3.0 version.

 

I install two certificates in two computers. One of them are connect to the VPN correctly but other display window with "Server Certificate Error" Error det

...

ITBT by L1 Bithead
  • 20692 Views
  • 2 replies
  • 0 Likes

Resolved! SSL Decryption

With SSL Decryption it is recomended that Financial services & Medical category is not decrypted.

My question is how do you ensure that sites that should not be decrypted are not i.e. JP Morgan is clearly a Financial services and will not get decrypt

...

RC-BHF by L2 Linker
  • 2552 Views
  • 2 replies
  • 0 Likes
  • 23695 Posts
  • 110 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks