This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4127 Views
  • 0 replies
  • 0 Likes

How to check GlobalProtect IP Pool

While troubleshooting a user's inability to connect to GlobalProtect, I wanted to verify there were IPs available. However, the IP pool did not appear under the DHCP servers. How can I check to make sure there are IPs available within the IP pool that was assigned to the GP Gateway?

breedend by L1 Bithead
  • 5503 Views
  • 1 replies
  • 0 Likes

PA syslogs and change logs

Is it possible to send the syslogs for only the system changes from the pa to solarwinds? How to you configure the PA to send the change logs to solarwinds?

jdprovine by L4 Transporter
  • 9450 Views
  • 21 replies
  • 0 Likes

Decryption issues with certificate.

This is a new deployment and testing decryption. I have generated a self signed cert from the firewall and imported it into the local trusted root authority store on my computer. If I try to go to a site that is encrypted (eg https://www.google.ca ) I dont see my browser using the PAN cert (the cert used instead is the external Google.ca cert)...

Andrew.C by L0 Member
  • 2782 Views
  • 2 replies
  • 0 Likes

Captive Portal Customization and Device Detection

I have been tasked with modifying our Captive Portal, from Palo Alto, that current users see when they connect to our guest Wi-Fi here at the Upper Canada District School Board. I have read most of the documentation related to the captive portal and what can generally be done with it. Now, I have already managed to change the style of the portal...

dcletech by Not applicable
  • 2874 Views
  • 1 replies
  • 0 Likes

SSL / Outlook Web Access not identified by App-ID

I have a customer that is using a PA-5020, and when users try to go to certain Outlook Web Access sites, it won't work for them. Checking the logs, I can see where the user initiates a connection over port 443 to the destination OWA server, but App-ID identifies it as 'unknown' instead of 'ssl'. I never see the SSL setup, and the user's connec...

Where Re-transmission packet process? Slow path or Fast Path File in blocking mode

Hello, I tested that I copied a file from server to my host while the file server was connecting that is SMB.. I did packet capture through wireshark. I saw re-transmission when drag and drop file from File Server as the same time, I think the re-tranmission packet goes to the Slowpath because File blocking's function include to slowpath ...

John_Lee by L2 Linker
  • 3295 Views
  • 1 replies
  • 0 Likes

OSPF through Vwire

I attempted to install a PA5060 between a Cisco ASA and Cisco Nexus switch in vwire mode. the ASA has an OSPF neighbor with the nexus 7k to distribute the defualt route learned via BGP from the ISP. Once the 5060 was installed, the OSPF neigbor came up but the routes were not exchanged. in the logs I see the traffic as allowed and the applicat...

Global Protect Speeds?

Hi, realtively new to PAN, and have some questions related to Global Protect speeds. I have a win 7 x64 client connected to a gateway on my 3020. From the client to the internet over 30mbs of bw From the PA3020 VPN interface to the itnernet 20mbs of bw I set up file copies of large iso files and compare the speeds. pulling from server to clie...

NeilR by L2 Linker
  • 5294 Views
  • 3 replies
  • 0 Likes

Panorama Access Domain Admins - Not functioning 7.0.3

Currently we have been working with setting up Access Domain accounts for our server admins to have restricted RO access to traffic logs and policy rules. The configuration appears sound but all testing using either local or radius/ldap auth accounts have proven to fail. Recieving the following message each time the CORRECT password and login na...

login-error.jpg

Resolved! Upgrading Panorama and Firewalls to 7.0.3

Hey All, I have some questions regarding the upgrade of Panorama and firewalls to version 7.0.3. I am looking to upgrade both fairly soon, and want to avoid any gotchas. My environment currently has Panorama at 6.1.4 and all firewalls at 6.1.4 or 6.1.2. I am aware of the need to upgrade to major versions prior to minor versions (for example, 7.0...

Resolved! VPN IPSec / SSL

Hello, i have the problem with understanding How my VPN works. I have created one portal and gateway for all users profile and I generate for all of them unique certifcate. When i look in to Remote Users table I see that some of users uses SSL and another IPsec type of tunnel. Can someone explain me why one user uses SSL but another IPSec?...

ITBT by L1 Bithead
  • 3591 Views
  • 1 replies
  • 0 Likes

Does Palo Alto support Reverse Route injection?

As title, does Palo Alto support something like CISCO "Reverse Route injection" which can inject a /32 route to the campus network for a dial-in user? Or can I create a /24 loopback interface for VPN users and redistribute the /24 to campus network? Thanks in advance.

  • 24336 Posts
  • 124 Subscriptions
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks