General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Slow Network Traffic Using Global Protect

Hi, We are experiencing high latency when using Global Protect. It peaks to 1000ms. We tried to use Cisco VPN to isolate the problem and latency peaks at 90ms. We removed security profiles that may cause latency but it did not work. We also noticed that the problem occurs every morning and traffic is normal again from 1pm onwards. We checked t...

Automation of a vsys configuration

We would like to automate the configuration of a new vsys, uisng inputs from a file or script with the required information, using either the set commands or the API. Has anyone attempted to do this, and what is the best way and how to gather the require commands etc for this. Any suggestions would be helpful. Thanks you David

dwmaas by L2 Linker
  • 3277 Views
  • 1 replies
  • 0 Likes

Resolved! Allow one URL out of many sharing an IP

We're faced with a bit of a challenge. We blocked a GoDaddy-Hosting IP for sending malicious traffic to our campus. Faculty later complained that a site they rely on is hosted with the same IP. I've attempted many different configurations with IP filtering, URL whitelisting etc, but can't quite arrive at a simple working solution (Plan B is blac...

rcaduser by L0 Member
  • 2796 Views
  • 2 replies
  • 0 Likes

Web UI authentication LDAP fails

Hi All, I have configured everything correct. But no entry in LDAP server security logs while I try to login paloalto Web UI using LDAP profile. Here at pan I can retrieve the all group user. I have configured the auth. Profile to 'all' entry in allow list..tried both domain\username(captive portal working fine with this format) and userna...

Javith by L3 Networker
  • 5411 Views
  • 4 replies
  • 0 Likes

Adding Tag Information to Email Alerts

Currently we have our Security Policies setup in a way that the name of the rule is the server and the tag identifies what resource is being accessed (URL). As it is when I receive an alert of malicious intent on a rule it sends me the Rule name and the usual information. I'd like to be able to include the tag information in the Email server p...

greeng by L2 Linker
  • 2866 Views
  • 1 replies
  • 1 Likes

Resolved! Virtual PA

Is there a URL that can I can download a evaluation Virtual PA from so that I can try a few configuration on it rather than trying it on the live physical appliance.

RC-BHF by L2 Linker
  • 3109 Views
  • 2 replies
  • 0 Likes

Resolved! Network requirements for HA clustering

Hello, is there any document that describes network requirements for clustering two firewalls. Especially how far apart two firewall can be (latency, delay etc.)Is there any design scenario where two firewalls on two different sites can be clustered together (geo-clustering)

Resolved! HTTP Headers in Threat Log?

Hi, is there any possibility to see the HTTP Headers in Threat Log? For example i want to protect a shared hosting environment and on the threat log ( vulnerability profile, WordPress Login BruteForce Attempt) i can only see "wp-login.php" as the "URL" and not "www.example.com/wp-login.phh" (see screenshot) I can already configure advanced HTT...

TP-Log.png
iweltag by L2 Linker
  • 3941 Views
  • 3 replies
  • 0 Likes

Resolved! GlobalProtect with 2 NICs

Here is an interesting question: If a system has two fully configured NICs with internet connectivity, which interface does GlobalProtect use establish its connection to a Palo Alto gateway? How can we select which NIC it uses? Is it something through the client? Or is it something that must be done through the system itself? Note: The sys...

mmclimans by L3 Networker
  • 4491 Views
  • 2 replies
  • 0 Likes

PA 5050 to N5K 10G Conn

Hi Guys, I am facing an issue, links are not coming up b/w the PA and the N5K and both are 10G Ports. In PA, we should keep the link speed as auto and in N5K, there is no option to set the 10G port link status to Auto, Have anybody faced this issue? Logs: PA: Name: ethernet1/22, ID: 37Link status: Runtime link speed/duplex/state: unknow...

jithuraj by L1 Bithead
  • 2513 Views
  • 2 replies
  • 0 Likes

Resolved! GlobalProtect on DHCP Interface

Hi, I have configured GlobalProtect on DHCP interface, but for some reason I can't make it work. I don't see GP web page and I cannot connect to it using GP client.I tried same config, but with static address and it works perfectly. Can somebody help me to troubleshoot this? Thank you.

nabokih by L1 Bithead
  • 7561 Views
  • 4 replies
  • 0 Likes

LLDP not showing neighbors

We have LLDP enabled on AE1 (x2 40G) which is on a QNPC on a HA A/P 7050 cluster running 7.0.2The N7K is seeing the LLDP information and traffic, however the 7050's are not. Trying to see if anyone else has had success with LLDP on this? Interface Total-Tx Dropped Total-Rx Dropped-TLV Errors Unrecognized Aged-Out--...

  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels