This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4231 Views
  • 0 replies
  • 0 Likes

Web page issues between F5 and PA

After migrating from an ASA to PA3020, users reported that web pages were not fully loading. The issue was seen on the ASA but rarely. The PA3020 has been showing this issue more often than not resulting in a work around being done on the webpage. The trouble appears to be tied to how the F5 and Palo communicate. With caching enabled, the pr...

RRAPP by L1 Bithead
  • 5468 Views
  • 5 replies
  • 0 Likes

Really good tool!

Hi,This is an really good tool for managing dynamic lists.So far I have tested a basic setup and I have a few comments/suggestions. * How do I change the ssl certificate for MineMeld.* Will you also implement domain blocklists soons (currently running 7.1 beta).* How about making our own miner. Information about this.* Will you also support ipv6...

Resolved! VMware ESXi 6.0 and PA VMs

Is VMware ESXi with vSphere 6.0 supported?The technical documentation for the 6.1 virtual appliances states: "VMware ESXi with vSphere 5.0, 5.1, and 5.5 for VM-Series running PAN-OS 6.1."And the 7.0 documentation states: "VMware ESXi with vSphere 5.1 or 5.5 for VM-Series running PAN-OS 7.0."I've not found any information regarding ESXi 6.0 in an...

Resolved! NAT and Security Policies, PBF Failover and Symmetric Return - Dual ISP

This is two parts:1) I configured Destination NAT rules and corresponding Security Policies to allow inbound access to servers on private LAN. These all utilize the Primary ISP public IP address. If I want these internal servers accessible over the Secondary ISP (as we already have configured PBF failover to the secondary ISP should the primar...

uscit by Not applicable
  • 6339 Views
  • 3 replies
  • 0 Likes

Resolved! OSPF pocket in an EIGRP network

I am putting a PA firewall in our datacenter and am looking to have the firewall advertise the protected subnets out to the rest of the network. However, the rest of the network uses EIGRP, so the datacenter switch and the PA firewall will need to be setup for OSFP in order to have the routes advertised. I am thinking the PA OSPF instance wo...

pa-ospf-eigrp.png
Demast by L2 Linker
  • 3379 Views
  • 2 replies
  • 0 Likes

Resolved! Policies >> Security

Unsure quite how to phrase my question. Under Policies >> Security: I have a Rule way at the top for McAfee ePO; tcp; port 8443.Settings that I have set are: Source Zone: Trust Source: IP address for a specific internal host Destination Zone: Untrust Destination Addresses: 2 different unique external hosts Application: any Service:s...

Resolved! PAN response to: Attacking Next-Generation Firewalls: Breaking PAN-OS ?

So are there any response available from PAN regarding the topic which you can read below? Like when are updates scheduled to be released, any mitigations you can perform before updates are available etc? Or are they already disclosed (and fixed) over at https://securityadvisories.paloaltonetworks.com/ ? Im thinking of: https://www.troop...

mikand by L6 Presenter
  • 9211 Views
  • 9 replies
  • 1 Likes

Some Users not Mapping in User-ID

Hi All, I'm currently experiencing some issues with user-id mapping. Some users are not being mapped to IP addresses. Current setup: I have 3 domain controllers - all have Service Accounts with correct privileges. They are also showing as 'Connected' I ran the command 'show user server-monitor state all' on the CLI and noticed that one of th...

Bocsa by L3 Networker
  • 14643 Views
  • 9 replies
  • 0 Likes

Did Factory Reset a PA-200 and system now automatically reboots in Maintenance Mode

Hi all, maybe someone can help me with this. Just did a factory reset on a PA-200 via maintenance mode (via console) and now system reboots automatically in maintenance mode. I followed instruction from here: https://live.paloaltonetworks.com/t5/Management-Articles/How-to-Factory-Reset-a-Palo-Alto-Networks-Device/ta-p/56029 When I go in System...

Resolved! Applications On Non-Standard Ports

It's perfectly possible I'm being unusually dumb here, but I can't see an elegant way of allowing application usage on non-standard ports - for example ssh on tcp/32777. The obvious way of doing it is to allow a rule that allows appid:ssh on service:ssh-ports (being a service group consisting of tcp/22 and tcp/32777). That works fine, but is ...

visualize custom regions on traffic/threat map

Is it possilbe to show custom regions with gps coordinations on the threat/traffic map with the correct gps coordinates? We have set custom regions for departments with private subnets and gps coordinations.In the traffic or threat map we can only see a great dot for each custom regions. Example: We think, we have the correct cooridnations for t...

PaloMap.jpg
PaloRegions.jpg

NAT question when migrating config.

Converting config from Nortel Connectivty switch to PA200. 3 interfaces untrust - public ip - 202.3.41.0/28 trust:private ip - 10.10.10.0/24. dmz-203.4.42.96/28 There is one to one mapping of few untrust ip to trust ips( to access trust ips from outside) and also few one to one mapping from dmz to trust. When translating this to PA200. I can d...

  • 24357 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks