General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 275 Views
  • 0 replies
  • 1 Likes

Asynchronous Security Zones?

Is there an issue with asynchronous routing if the traffic passes through different security zones? We have our PAs setup with subinterfaces for our respective VLANs. So we have:

Eth1/3.10

Eth1/3.20

Eth1/3.30

Eth1/3.40

 

These subinterfaces connect to

...

high latency after HA failover

Hello team,

 

I have an HA active/passive with a couple of PA-3250. After failover from active to passive there are a high latency for all the connections and some Http/https sessions cannot be established. I see in the traffic logs many aged out sessi

...

Carracido by L3 Networker
  • 2831 Views
  • 4 replies
  • 0 Likes

Multiple SAN on SCEP profile

Hi,

Is there a way to define multiple SAN names in SCEP profile?
We are trying to use SCEP for management access certificates for PAs in HA but with one certificate for both with both hostnames in SAN fields.
I don't see a way to enter more than one, I

...

CITNetwork_0-1700576009821.png

No Logs for matched rule

Hello everyone,

 

We are facing a strange problem with one of our PA-220.

I created a rule to allow all traffic between 2 different zones with our default log settings. The problem is that I only see a hand full hits and nothing in the traffic log.

Y

...

Website Access Issue from one of branch office

Hello All,

We have PA-850 implemented across the sites (4 sites), there is a URL www.crunchydata.com is not accessible from one of Branch Office in US, while there is no issue accessing same URL from other branches. However

- i have checked and confi

...

ECMP Single Interface

I have an HA pair of firewalls in my data center. I have a single ISP that provides two routers for internet access. I use HSRP on those routers, which obviously share the same subnet on the inside interface that connects to the outside interface of

...

create a new Vsys queries.

Wish to configure new VSYS, will it cause any issue while configuring?

 

Do we need to reboot after enabling Multi-vsys opention?

Will it will cause network disruption over default VSYS1?

· Will it will affect the functionality of Access Control Poli

...

IPSEC VPN tunnel

We have a site to site VPN tunnel that fails when the vendor side tries to Re-Key. We are seeing no U-Turn policy blocking them. We can ReKey from outside without issue. 

 

1. Has anyone seen this issue previously and been able to fix it?

2. Does any

...

  • 23639 Posts
  • 107 Subscriptions
Top Liked Authors
Labels