General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 468 Views
  • 0 replies
  • 2 Likes

Resolved! Secure LDAP Policy Rule Setup

Hello.

I am trying to setup an application policy rule to allow secure LDAP from our hosting company back to our internal domain controller running MS AD.  I have the appropriate NAT statement setup.

If you look in the log screenshot above, you'll see

...

dannon by L3 Networker
  • 10618 Views
  • 2 replies
  • 0 Likes

Resolved! User-ID Agent Errors on Domain Controllers

I'm getting the following error showing up in event viewer on our Windows domain controller.  We have 4 DC total that have the the user-id agent installed.

As you can see, I am getting a lot of these error.  The IP in question is one from our BYOD sub

...

dannon by L3 Networker
  • 6786 Views
  • 3 replies
  • 0 Likes

Certificate failed to load

Hi all,

We have two PA-4060 in active/passive mode with PAN-OS 4.1.12 (I know, old..).

Yesterday, after rebooting passive device auto commit failed with:

Error: Certificate 'XYZ' failed to load: failed to parse key

and device went to not-ready state.

Afte

...

ISSUE WITH GLOBAL PROTECT

We have configured One VR-1 only

Ethernet 1/1 is a WAN interface

Ethernet 1/2 is a WAN interface

Ethernet 1/3 is a WAN interface

Ethernet 1/4 is a LAN interface

We’ve created

ETH1-ZONE for Ethernet 1/1

ETH2-ZONE for Ethernet 1/2

ETH3-ZONE for Ethernet 1/3

ET

...

What happens if Dynamic Block List server is inaccessible?

If we are retrieving a list of IP's via Dynamic Block List to Allow and/or Deny traffic, what would happen if the web server hosting the .txt file is inaccessible during a refresh? Would the DBL object lose all of the IP addresses and render the rule

...

jambulo by L4 Transporter
  • 2946 Views
  • 3 replies
  • 0 Likes

Issues with geolocation IP addresses

Hello,

We have policies (geolocation) which only allow connection from Spain and Andorra.

In many cases the IP addresses identified by geolocation, is not properly updated and sometimes Palo Alto identifies an IP like another country rather than as Spa

...

SOC_CSG by L4 Transporter
  • 12424 Views
  • 10 replies
  • 0 Likes

Resolved! Problems with configuring Palo Alto PA-500 Firewall

Hi Guys,

I can connect via serial and console port from CLI to Firewall. But when i am trying to set ip for management interface i'm getting the following error

Server error : system -> authentication-profile 'LDAP Authentication Profile' is

not a vali

...

Active/Active HA on 7050

I'm getting ready to implement an Active/Active setup on a 7050. What is the best practice for bandwidth over the HA links? I'm more curious about the HA2 and HA3 links.

  • 23704 Posts
  • 110 Subscriptions
Labels