General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 289 Views
  • 0 replies
  • 0 Likes

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 966 Views
  • 0 replies
  • 0 Likes

Resolved! Multiple Tunnels with 0.0.0.0/0 proxy-ids

The scenario is 3 firewalls, with PA-HO acting as the hub and PA-1 and PA-2 as the branch sites. The Branch sites connect to the head office network via ipsec tunnels to PA-HO and vice-versa.

Due to multple dis-contigous subnets on the branches, it w

...

Resolved! About address and EBL limitation for maximum

Hello.

 

I want to know my question what address and EBL maximum from you.

 

1.

https://live.paloaltonetworks.com/t5/Configuration-Articles/Using-IP-Address-Lists-on-Palo-Alto-Networks-Policies/ta-p/57411

The above documnet describes " Each imported

...

Resolved! Log timestamps

Hi,

 

My query is about how the Palo Alto firewall timestamps logs when it sends them to a syslog server. Does it stamp the logs with UTC (GMT) time or does it use the configured local time as the timestamp? I notice when reviewing logs on the device

...

How to check GlobalProtect IP Pool

While troubleshooting a user's inability to connect to GlobalProtect, I wanted to verify there were IPs available.  However, the IP pool did not appear under the DHCP servers.  How can I check to make sure there are IPs available within the IP pool t

...

breedend by L1 Bithead
  • 5152 Views
  • 1 replies
  • 0 Likes

PA syslogs and change logs

Is it possible to send the syslogs for only the system changes from the pa to solarwinds?  How to you configure the PA to send the change logs to solarwinds?

jdprovine by L4 Transporter
  • 7301 Views
  • 21 replies
  • 0 Likes

Decryption issues with certificate.

This is a new deployment and testing decryption. I have generated a self signed cert from the firewall and imported it into the local trusted root authority store on my computer.

 

If I try to go to a site that is encrypted (eg https://www.google.ca

...

Andrew.C by L0 Member
  • 2446 Views
  • 2 replies
  • 0 Likes

Captive Portal Customization and Device Detection

I have been tasked with modifying our Captive Portal, from Palo Alto, that current users see when they connect to our guest Wi-Fi here at the Upper Canada District School Board. I have read most of the documentation related to the captive portal and

...

dcletech by Not applicable
  • 2455 Views
  • 1 replies
  • 0 Likes

SSL / Outlook Web Access not identified by App-ID

I have a customer that is using a PA-5020, and when users try to go to certain Outlook Web Access sites, it won't work for them.  Checking the logs, I can see where the user initiates a connection over port 443 to the destination OWA server, but App-

...

OSPF through Vwire

I attempted to install a PA5060 between a Cisco ASA and Cisco Nexus switch in vwire mode. the ASA has an OSPF neighbor with the nexus 7k to distribute the defualt route learned via BGP from the ISP.

 

Once the 5060 was installed, the OSPF neigbor cam

...

Global Protect Speeds?

Hi, realtively new to PAN, and have some questions related to Global Protect speeds.

I have a win 7 x64 client connected to a gateway on my 3020. 

From the client to the internet over 30mbs of bw

From the PA3020 VPN interface to the itnernet 20mbs of

...

NeilR by L2 Linker
  • 4749 Views
  • 3 replies
  • 0 Likes

Panorama Access Domain Admins - Not functioning 7.0.3

Currently we have been working with setting up Access Domain accounts for our server admins to have restricted RO access to traffic logs and policy rules. The configuration appears sound but all testing using either local or radius/ldap auth accounts

...

login-error.jpg

Resolved! Upgrading Panorama and Firewalls to 7.0.3

Hey All,

I have some questions regarding the upgrade of Panorama and firewalls to version 7.0.3. I am looking to upgrade both fairly soon, and want to avoid any gotchas. My environment currently has Panorama at 6.1.4 and all firewalls at 6.1.4 or 6.1

...

  • 24034 Posts
  • 115 Subscriptions
Top Liked Authors
Labels