General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! Import PA-500 config on PA-3020?

We have a 500 that we're replacing with a 3020 which arrived today. Should I need to do anything to migrate the config across other than an export and import of the running config? I know some things like ports will clearly need addressing but in terms of getting the base config across is there anything I need to be particularly aware of ple...

Resolved! GP Client IP/Route Assignment

Hello, I am having an issue with some clients when they connect remotely via the global protect client. Everything is working on most of the PC's who try to connect, but some users are receiving the issue. Here is the log of where the problem occurs : (T3584) 03/08/16 13:04:49:394 Debug(2280): Adapter friendly name is: Local Area Conn...

Resolved! User Activity Report for Managers

Management has asked for a weekly summary of department web activity on our new PA-500. I created a User Activity Report for each department but these reports are not conscise and difficult to read, especially for managers who would like a summary. Our old device had a group report of user web traffic that had graphs with helpful info like ...

MikeGill by L1 Bithead
  • 9831 Views
  • 5 replies
  • 0 Likes

how to combine layer2 and layer3 on a single port

5050 at ver 6.1.9 Hello all! You may want to sit down for this one. We have a core router that conects to a single layer 3 10GB port on a 5050 as the internet gateway. The 5050 also has several server netwks attached via 1gb ports. Again these ports are layer 3 and act as the gateway for these networks.. All connections on the 5050 are now lay...

vnt90 by L2 Linker
  • 11340 Views
  • 12 replies
  • 0 Likes

Resolved! Question about Palo Alto Networks Security Advisory (PAN-SA-2016-0004)

Hello, I have a question about this advisory. I would like to know the meaning about "prior" in releases affected. that "prior" means affected release is the inmediatly prior or all series of version (5.0.X, 6.0.X, 6.1.X, 7.0.X) ? Products Affected PAN-OS releases 5.0.17, 6.0.12, 6.1.9, 7.0.5 and prior Available Updates PAN-OS releases 5.0.1...

SOC_CSG by L4 Transporter
  • 2414 Views
  • 1 replies
  • 0 Likes

Palo Alto logs shown differently

Hi All, I have a query regarding Log monitoring. The logs for one user shows the entire subnet, where as for another user it shows that particular IP. May I know the reason behind it. Is there any setting that need to be changed or is it due to permissions.

Rravella by L0 Member
  • 2310 Views
  • 1 replies
  • 0 Likes

Max virtual routers?

Take the 3020 for example which can have a max of 10 virtual routers. Is that 10 VR's per vsys or 10 shared between any/all vsys's you have on the box?

mplewis2 by L0 Member
  • 3476 Views
  • 1 replies
  • 0 Likes

IMAP long tag anomaly

I know this was kind of asked here, and I was wondering if the best option would be to create a rule like the one mentioned in this post.. https://live.paloaltonetworks.com/t5/General-Topics/SMTP-long-MAIL-anomaly-Vulnerability-30392/m-p/2327#M1718 Since I am getting these almost everyday, and they seem to be always from one user account, an...

Zewwy by L3 Networker
  • 2342 Views
  • 1 replies
  • 0 Likes

Can not download Software or Dynamic Updates on PA-200 w/7.01-b19

I cannot download Software or Dynamic Updates on PA-200 w/7.01-b19 Cleared all logs and also reviewed tech note "How and When to Clear Disk Space on the Palo Alto Networks Device" Reviewed LiveCommunity and deleted files in the pcap directory and also the debug-log mp-log files. Anymore thoughts? --------------------------------- a082496...

Site to Site tunnels does not failover

Hi All, We have several site to site VPN tunnels built for different clients. We have PA500 in HA mode. When we do a failover, general traffic does succesfully failover to secondary, but the VPN tunnels does not failover and all the tunnels shows down. Any suggestions on how to resolve this.

Rravella by L0 Member
  • 4129 Views
  • 3 replies
  • 0 Likes

Global Protect Pre-Authentication driving me nuts

Hi. I'm trying to configure pre-authentication on my Global Protect portal. I've followed this document until I'm blue in the face, but every single time I attempt to logon to my test environment, I get GlobalProtect portal user authentication failed. Login from: AAA.BBB.CCC.DDD, User name: , Reason: client cert invalid, Auth type: pro...

darren_g by L4 Transporter
  • 2938 Views
  • 3 replies
  • 0 Likes

the ssl-vpn web page do not show up

PAN OS: 4.0.10> less webserver-log sslvpn-error.logdefault:1 main Error: Can't access DocumentRoot directory default:1 main Error: Ignoring bad directive "DocumentRoot" at line 181 in /etc/appweb/sslvpn.conf default:1 pool.1 Error: 404 "Not Found" for "/admin/Y-ivrrecording.php", file "/var/appweb/sslvpndocs/admin/Y-ivrrecording.php": ...

proestel by L1 Bithead
  • 6408 Views
  • 7 replies
  • 0 Likes
  • 24403 Posts
  • 123 Subscriptions
Top Solution Authors
Labels