General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 316 Views
  • 0 replies
  • 2 Likes

Can 'admin' account be deleted?


1) We have several PA-3020's running 6.0.1 in our organization with only a few admin user accounts which integrated with AD, so audit wants to know if we can delete the generic accounts like "admin" or "panorama"?   Any negative implications to doing

...

No traffic in traffic log - VM100

Hi Guys,

Following on from my last post - Site-to-Site VPN - Palo alto to Cisco Router issue

i am experiencing an issue with my PA VM100, there is nothing in the traffic logs....

this is running on VMWare workstation 11

But there is traffic flowing thro

...

how to handle Google SSL traffic?

Hello,

I am new to PanOS devices, we recently got PA-200 router which is quite different from classic routers. Long story short - my problem is SSL traffic, I am trying to prioritize our traffic since for now we have only 10Mbit link, we have people w

...

Nils by L0 Member
  • 2875 Views
  • 3 replies
  • 1 Likes

Captive Portal to Internal Servers

I have a client that currently uses an ISA server to restrict access to back-end web servers.  The users authenticate at the ISA which then redirects to the back end web server.

Palo Alto firewalls were sold as replacing this authentication mechanism

...

QoS maximum number of interfaces???

I have a PA-3050 and I need to add more QoS interfaces...I receive a message that says "constraints failed: Maximum number of interfaces reached". I can't find any documentation that states there is a max. number of QoS interfaces...where is it? If t

...

mike_cc by Not applicable
  • 3168 Views
  • 3 replies
  • 0 Likes

Resolved! How to setup multiple IP Public address on PA-200

Hi,

We're facing an architecture where there are multiple address that needs to be used for a specific pool of IP from the LAN interface.

Let's supose that we have 3 IP PUBLIC address 10.X.X.2; 10.X.X.3 and 10.X.X.4 and the gateway has the IP 10.X.X.1

F

...

Resolved! No information showing up in Monitor->Logs->Traffic

Dealing with my first experience with Palo Alto Firewalls.  I am working with the vmware appliance version. I have two rules/policies current configured.  One allows all traffic outbound and the other allows only ms-rdp traffic inbound.  This is a la

...

RNutter by Not applicable
  • 2765 Views
  • 2 replies
  • 1 Likes

Resolved! Subinterface

Hello


I have a PA500 firmware version 6.0.7.


All interfaces are used, can I create a subinterface? I need to make a new segment. What is recommended to do that I need?


Thank you

Antivirus Security Profile Exception

I want to create an exception action for a specific antivirus ID (which happens to be outbound traffic). The default action is “alert” and I want this one ID to be “drop”. This is possible for the spyware and vulnerability profiles, but my problem is

...

JohnPa by L1 Bithead
  • 1942 Views
  • 2 replies
  • 0 Likes

Resolved! Server Certificate Verification Failed

Within the past couple of days I am starting to get reports from users that while trying to sign in with GlobalProtect they are receiving the following error:

Gateway X.X.X.X: Server certificate verification failed

No changes have been made on the PA.

...

mcocat by Not applicable
  • 8904 Views
  • 1 replies
  • 0 Likes

Resolved! Wildfire Double Ring - Perimetral Network External / Internal

Hello, :smileyinfo:

We have a double ring structure and we are trying to implement the most appropriate settings for the Wildfire, according to the scenario that we have.

-A Cluster 2 firewalls External *OUT*

  Model PA-500

  WildFire Version 52587-59292

...

SOC_CSG by L4 Transporter
  • 2292 Views
  • 2 replies
  • 0 Likes

block tor

Hi,

please tell me, how can i block tor in pa device,

i create a rule with tor and tor2web , i set action to block but it is still runnning , it block skype too

IS that normal

thank's in advance

Regards,

atelcom by L3 Networker
  • 4804 Views
  • 6 replies
  • 0 Likes

RIP over VPN tunnel

Will RIP run over a VPN tunnel? I have a site to site to site VPN tunnel set up and an IP address set on my tunnel interface. I can ping the remote tunnel interface but I do not see the remote tunnel interface as a peer under RIP.

source user showing as unknown in traffic monitor

Found an issue on a customer's firewall.  For some reason, the “source user” becomes unknown while students are using a web application called Istation.  When that happens, the web traffic for that IP address becomes blocked by another policy.  She w

...

  • 23659 Posts
  • 107 Subscriptions
Top Liked Authors
Labels