This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4246 Views
  • 0 replies
  • 0 Likes

about ssl decryption error

Hi there, recently we have implemented ssl decryption in our network , But Chrome comes up with "ERR_SSL_FALLBACK_BEYOND_MINIMUM_VERSION"

Resolved! VPNC + PAN-OS 7.1

Does anyone use vpnc (As in the linux ipsec client) with xauth connecting to a PA? We have a bunch o' PA's which we are in the middle of upgrading to 7.1 however once an upgrade from 7.0.6 to 7.1 is done, VPNC will no longer connect. Downgrading back to 7.0.6 again allows VPNC to connect. The error in the logs is (ISAKMP_N_ATTRIBUTES_NOT_SUP...

New to the Palo Alto platform and have a migration question

I am fairly new to the company I work for and have inherited a network that has two ISP's with two firewalls. One firewall is an older ASA and the other is a small Sonicwall. I have pretty good experience with the ASA platform. However, the Sonicwall is new. They currently have a DMZ configured on the Sonicwall using something called "Tran...

fcrooks by L1 Bithead
  • 6254 Views
  • 8 replies
  • 0 Likes

What's the best way to permit app on non-standard port?

For instance, web browsing on port 8080. I don't want to just set the service as I also want to use port 80 and there are other apps in the rule and I'd like to use app-default as the service. I defined a custom app with web-browsing as the parent and the port as tcp/8080. That worked until I upgraded to 7.1.2 and then it broke. I'm aware t...

Behaviour app override

Hi, we are having an issue using app override. 1) We have created a custom app for Oracle (without timeout). Using these ports: tcp1521-1541. This is the config This is the app override policy: This is the security policy (app any and ports involved in this app 1533 and 60xxx): Service profile for ports open in this ORACLE connectio...

App customized.jpg
appoverride.jpg
reglaaplica.jpg
ports high.jpg

Clearing Traffic Log

Running 7.0.6 on 7050's I cleared traffic logs and lost connectivity to management sever and took about 30 min after restart of mgmt sever for traffic logs to reappear . Is this normal. Which log file has info on managemt disconnect files/reason info.? Log Reevier logs showed LPC card shut down as well but wasn tsure if that would equally cause...

system alert high opaque: websrvr: Exited

After we upgraded from 7.0.6 to 7.1.2 in one go we started receiving this error message. Does anyone know what causes this ? We are running active/active on 3050's domain: 1 receive_time: 2016/06/02 10:25:41 serial: 001701002580 seqno: 2017446 actionflags: 0x0 type: SYSTEM subtype: general config_ver: 0 time_generated: 2016/06/02 10:25:41 dg_hie...

Nested Policies Suggestion

Not really sure where to put this, but thought it might be a good idea and wanted to share it. Im still rather new to PA and so far I am enjoying it! However, I noticed after a while of creating and editing security policies it becomes quite a mess and difficult to manage. I believe if there is a way to create folders or nested security policies...

aimet by L0 Member
  • 2184 Views
  • 1 replies
  • 0 Likes

Two-factor PAN webconsole authentication

Hi,I would like to use a two-factor authentication for the administrators when they access the PAN-500 web console.With an authentication sequence I can use 2 ways to authenticate but I want to force the use of both. Is that possible?

Oasen by L0 Member
  • 5436 Views
  • 3 replies
  • 0 Likes

PANOS 71.2 GLOBAL PROTECT 3.0.2 Gateway Protocol error. Check server certificate

Hello, I'm using GP 3.0.2 on a Win7 PC (PAN OS 7.1.2). I'm getting error 'Gateway x.y.z: Protocol error. Check server certificate.' error message. I have already reinstalled the client on my computer. Same error message. My colleguea, using WIN 10, can connect without any problem. Using Dual Factor Authentication (Vasco and LDAP). Both authen...

licenselu by L4 Transporter
  • 2635 Views
  • 1 replies
  • 1 Likes

Cipher suites decryption 7.1

Hi guys, Configuring inbound SSL inspection on 7.1, decryption does not work with the newly supported cipher suites shown in the document below. https://live.paloaltonetworks.com/t5/PAN-OS-7-1-Articles/PAN-OS-7-1-Supported-ciphers/ta-p/71969 Only the cipher suites shown in the document below again work. The document above states that ECDHE...

Virtual System licensing question

Hi guys, I have never installed a virtual system so I am wondering how licenses for the Antivirus, URL filter etc are applied, are these applied to the base firewall or do we need to get a license for each virtual firewall hosted on the virtual system? Gerry

  • 24359 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks