General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 594 Views
  • 0 replies
  • 0 Likes

Resolved! OSPF pocket in an EIGRP network

I am putting a PA firewall in our datacenter and am looking to have the firewall advertise the protected subnets out to the rest of the network.  However, the rest of the network uses EIGRP, so the datacenter switch and the PA firewall will need to b

...

pa-ospf-eigrp.png
DMast by L2 Linker
  • 2911 Views
  • 2 replies
  • 0 Likes

Resolved! Policies >> Security

Unsure quite how to phrase my question. Under Policies >> Security:

 

I have a Rule way at the top for McAfee ePO; tcp; port 8443.

Settings that I have set are:

 Source Zone: Trust     Source: IP address for a specific internal host 

 Destination Zone: Un

...

Some Users not Mapping in User-ID

Hi All,

I'm currently experiencing some issues with user-id mapping. Some users are not being mapped to IP addresses.

 

Current setup: I have 3 domain controllers - all have Service Accounts with correct privileges. They are also showing as 'Connecte

...

Bocsa by L3 Networker
  • 11339 Views
  • 9 replies
  • 0 Likes

Resolved! Applications On Non-Standard Ports

It's perfectly possible I'm being unusually dumb here, but I can't see an elegant way of allowing application usage on non-standard ports - for example ssh on tcp/32777. The obvious way of doing it is to allow a rule that allows appid:ssh on service:

...

visualize custom regions on traffic/threat map

Is it possilbe to show custom regions with gps coordinations on the threat/traffic map with the correct gps coordinates?

 

We have set custom regions for departments with private subnets and gps coordinations.

In the traffic or threat map we can only se

...

PaloMap.jpg
PaloRegions.jpg

NAT question when migrating config.

Converting config from Nortel Connectivty switch to PA200.

3 interfaces

untrust - public ip - 202.3.41.0/28

trust:private ip - 10.10.10.0/24.

dmz-203.4.42.96/28

 

There is one to one mapping of few untrust ip to trust ips( to access trust ips from ou

...

Moving a VSYS from one PA device to another

Hello

Question here , how can we move a VSYS from one device to another ? please note that in this scenario we cannot backup everything a restore on target since target is running other things that need to be running .

Any ideas ? what are important th

...

Resolved! Get information on Security Profiles our of PANOS?

Hi all,

 

My team is currently undergoing an audit and one of the requests is for the configuration of the security profiles, including URL filtering, from our firewalls.  As we are fairly new to PANOS this has not been requested before.  I don't see

...

RSKadish by L2 Linker
  • 5088 Views
  • 4 replies
  • 0 Likes

Resolved! Security flaw with GlobalProtect?

Hi,

While setting up a computer with fingerprint authentication+windows password, I discovered that after installing GlobalProtect I could circumvent the whole two-factor authentication by choosing to login with GlobalProtect(clicking the GP icon in t

...

  • 24105 Posts
  • 117 Subscriptions
Top Liked Authors
Labels