General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 320 Views
  • 0 replies
  • 0 Likes

Palo Alto Global Protect

Hello. 

   I am looking to setup and use Palo Alto's Global Protect feature; The question I have is if I have only 1 egress port (WAN) port that is public-facing, can I setup my Global Protect on that egress port or do I need to use another port for

...

ITSMC24 by L1 Bithead
  • 442 Views
  • 2 replies
  • 0 Likes

For those that seek to get SSH Proxy working

Searching the internet it seems that people are looking to enable SSH Proxy and not finding answers. I managed to get it working but must say that the current supported SSH decrytion parameters for all PAN-OS versions aren't the most secure ones so y

...

Untitled1.png
Untitled1.png
Untitled2.png
Untitled2.png
Han.Valk by L2 Linker
  • 374 Views
  • 1 replies
  • 1 Likes

GlobalProtect access to local LAN devices

I am fairly new to Palo Alto devices.  We are in the process of testing the GlobalProtect client and have set it up without split-tunneling.

I have confirmed this works for web browsing (get the PA NAT address), but we are still able to get to all lo

...

rgreens by L2 Linker
  • 16210 Views
  • 12 replies
  • 0 Likes

Onboarding to Passive HA to Panorama

Hi Everyone,

I need advice on how to onboard the passive HA to Panorama. The Primary is already on Panorama but upon checking, it doesn't belong to a device group yet. I have read some documentation on how to onboard a local firewall to panorama, but

...

N.MANTUA by L1 Bithead
  • 370 Views
  • 2 replies
  • 0 Likes

Resolved! Replicating vSwitch NIC status to a NGFW VM (ESXi)

Greetings all,

 

I wanted to see if anyone has successfully replicated the status of a host NIC attached to a vSwitch to a Palo Alto NGFW VM in ESXi 8? 

Right now, all ports always remain up because the virtual switch they are attached to remain up. I

...

Resolved! Deep Packet Inspection and SSL Certificate

Hello, newbie here. One of our clients asked me: 

 

"We have an exchange server which is on site.  We need to renew the ssl certificate, I was told that if the Palo Alto firewall performs deep packet inspection, we need to supply the ssl certificate

...

N.MANTUA by L1 Bithead
  • 842 Views
  • 4 replies
  • 0 Likes

Resolved! Failed to check content upgrade info due to Peer certificate cannot be authenticated with given CA certificates started 10/12/2021

Hi,

 

It looks like the cert on us-static.updates.paloaltonetworks.com applied on IPv6 address is expired.2600:1901:0:669:0:0:0:0.

 

go to www.ssllabs.com and check it..

option 1. Device > setup > Services > change the update server to the default.

option

...

Capture.PNG
Capture2.PNG

Resolved! Explicit allow to Microsoft Update services

I've read through a dozen questions and the scores of answers to those questions, and I'm finding a mix of outdated information, bad information or just unrelated options...  I suspect this is going to send down a rabbit hole, so I'll try to compartm

...

bhelman by L2 Linker
  • 16759 Views
  • 5 replies
  • 1 Likes

unable to open a case

I have a new support account, but there appears to be a problem.  URL is https://support.paloaltonetworks.com/Error/Error.

 

I need to open a case for a critical issue.

  • 23824 Posts
  • 112 Subscriptions
Top Liked Authors
Labels