General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Threat Vector, a Unit 42 Podcast, is Now on LIVEcommunity!

We have some exciting community news to share: Threat Vector, a Unit 42 podcast, is now on LIVEcommunity!

 

Threat Vector is your compass in the world of cyberthreats. Listen to this biweekly podcast to learn about unique threat intelligence, cutting

...

jforsythe by Community Team Member
  • 78 Views
  • 0 replies
  • 0 Likes

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question. Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

JayGolf_0-1691518400714.jpeg
JayGolf by Community Team Member
  • 3327 Views
  • 2 replies
  • 14 Likes

PA-2000/4000 trade-in

Did anyone do a trade-in for their PA-2000/4000 series device (under the so called Customer Care Upgrade Program) ?

What about current subscriptions ? Is the remaining value completely reimbursed ?

As in 1 year of the 3 year contract to go, so 1/3rd of

...

dieter_b by L4 Transporter
  • 5948 Views
  • 9 replies
  • 0 Likes

Resolved! Remove syslog server profile via CLI

Hi all,

I have a simple question and it is as follows:

How do I remove a syslog server profile using the CLI?

I would have thought it would be something like

> delete shared server-profile 'syslog (server profile name)'

but all I get in that command is th

...

bmorris1 by L4 Transporter
  • 3589 Views
  • 1 replies
  • 0 Likes

7.0 deployed on two fw's so far and all is well

In the event anyone is curious- I've upgraded two PA-200's from 6.0.3 up to 7.0 (in a remote site and my science project at home). I am leaving the larger production FW's out of the mix for now until a couple of minor updates come along just to make

...

eDub by L1 Bithead
  • 4241 Views
  • 6 replies
  • 2 Likes

finite state machine diagram for HA

Can anyone point to a diagram of a Finite State Machine for HA failover scenarios?  It would be good to have for consultation and understanding of the different behaviors.

derasa by L0 Member
  • 1572 Views
  • 0 replies
  • 0 Likes

MS Azure mass changes

Every week we get a huge list of new IP addresses and subnets for the MS Azure product to be allowed through our firewalls. The file that contains the new updates is an XML file. I have a couple questions that I hope to get help with.

1. Surely we ca

...

wessepj by Not applicable
  • 1545 Views
  • 1 replies
  • 0 Likes

Global Protect pre-logon and SSO

Help me understand this better, on the global protect portal for the server cert i need a public cert from a place like godaddy?  For the client cert I can use a cert that issued from our internal cert authority which has a cert on all the domain wor

...

markk96 by L3 Networker
  • 1757 Views
  • 1 replies
  • 0 Likes

Agentless UserID in a MultiDomain Environment

My first question would be is it possible to configure a firewall with no vsys license to query more than one domain without deploying the UserID windows agent?

My second question would be if yes then how given that there is only 1 WMI authentication

...

CHammock by L2 Linker
  • 2263 Views
  • 2 replies
  • 0 Likes

Thoughts on a set of application rules?

I was messing around in the interface today and had a thought as for rules and am curious what other might think.

I created a group of rules for a particular zone/AD User group.  Something like this

Allow but do not log (DNS for example)

Allow these app

...

BobW by L4 Transporter
  • 2964 Views
  • 2 replies
  • 0 Likes

PA-VM on ESXi - L2 Topology Design Questions

I'm looking to deploy a pair of PA-VM 200s running 7.x on a vSphere 5.5 cluster and would like a sanity check on the design.

My client's network currently has one large VLAN that houses most of their servers.  For the sake of this example, we'll say i

...

bkeifer by L1 Bithead
  • 2208 Views
  • 1 replies
  • 0 Likes

VPN s2s PA and Mikrotik

Hello

I have new tas - make VPN s2s between PA200 and Mikrotik router.

PA  (PA 200 on 6.1.4) has Advanced phase mode 1 optios set to AUTO and "anable passive mode" not checked

Mikrotik (751U-2HnD with latest 6.30 router OS) is in aggressive mode.

It's qu

...

_slv_ by L4 Transporter
  • 1580 Views
  • 1 replies
  • 0 Likes

Applications and Threats auto-update issue

I have an issue where all of my definitions auto-update with the exception of Applications and Threats.

Previously, I had Applications and Threats set to download only.   About a month ago I changed it to also install.   Since that time, I've still ha

...

EdwinD by L3 Networker
  • 3077 Views
  • 4 replies
  • 0 Likes

Tips to improve mgnt tasks in a PA-2020

Hello Everyone,

Does anybody knows any tips to improve mgnt tasks (policy changes, monitors checks, commits... etc etc) in a slow box PA2020?

I am working w/ this model since november 2013 and I am facing so many problems w/ slow response during manage

...

  • 24124 Posts
  • 100 Subscriptions
Top Solution Authors
Labels