General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Thank You for Filling Out the LIVEcommunity Experience Survey!

If you've visited LIVEcommunity anytime recently, you've probably seen a pop-up asking for your feedback. We've deployed this survey since April 2020 for new and returning visitors alike as a way to gather feedback from our users. 

 

In the past six

...

survey-livecommunity.png
jforsythe by Community Team Member
  • 14575 Views
  • 1 replies
  • 4 Likes

forward http request to proxy squid

Hi ,

i try to forward my wifi mobile users http request to the proxy squid.

i have configured the proxy squid to transparant mode (port 80)

To the firewall i have 3 zone : LAN (port 1) , DMZ (port 3)  and INTERNET (port2)

the wifi mobile users are in zon

...

nmaton by Not applicable
  • 3462 Views
  • 6 replies
  • 0 Likes

L2 trunk and subinterfaces to Cisco

I am trying to configure a L2 trunk from a Cisco 3750 to a Palo 5020

I cannot find any info on how to configure the Palo, as the terminology is different to me.

As a side note we are also running two 5020's in an Active/Active configuration

I have tried

...

rperkin by Not applicable
  • 4911 Views
  • 7 replies
  • 0 Likes

Resolved! pass on user-id information

Hi All,

Setup

- We got 2 PA clusters with a leased line between them, joining two offices of the same company.

- Both offices have their own AD, servers, ...

- We have GlobalProtect configured on both devices.

- We have PanOS User-Id configured (so no age

...

mr.linus by L4 Transporter
  • 1770 Views
  • 3 replies
  • 0 Likes

Re-Generating HA-Keys

I was lazy and just imported a configuration from a a other firewall to create a new firewall.

Now i discovered that the HA-Keys are identical (because) I imported the config.

Is there any trick to re-generate them or do i have to factory reset and sta

...

gsteiner by L3 Networker
  • 929 Views
  • 1 replies
  • 0 Likes

Removing an Object and All Dependencies

Morning,

I am doing some firewall cleanup on our panorama.  We have quite a few devices and I am forced to go through each device group to verify if something exsists locally or shared.  Is there any way through the CLI or Panorama to remove an item a

...

one trust two untrust

If I have two DSL connections, and 10 network segments, is possible configure on a PAN firewall one "trust" zone, tow "untrust" zone and send five segments for each one?

Resolved! Has anyone successfully made 'scribd' ReadOnly Access?

Hello,

   We would like to allow "ReadOnly" access to Scribd hosted content.  I note that there is an application definition called 'scribd-uploading'.

   Has anyone successfully done this by blockign the 'scribd-uploading' application?

Thanks

Art

Art by L3 Networker
  • 1336 Views
  • 1 replies
  • 0 Likes

Managing Local Admin Through Panorama Template

So, we are (slowly) transitioning our devices to 5.x code to fully utilize the templates via Panorama.  One of the items I was looking into transitioning is the local admin account.  However, from my testing, I don't know that this is possible.  We h

...

mrsold by Not applicable
  • 2403 Views
  • 3 replies
  • 0 Likes

Resolved! Traffic logged in an interface in down state

This is our scenario:

- A PA-200 with a subinterface tagged with VLAN ID 200.

- Connected to a Cisco Catalyst switch (trunk with VLAN ID 200 allowed).

- It has been working without problems.

Now, we want to divert traffic to a Cisco router with same IP a

...

Panorama Generating Blank Reports

Hey everyone.  Has anyone see an issue where Panorama (VM) is generating blank scheduled reports?  I came into the office this morning, and found that Panorama generated its normal scheduled reports, but they are all blank with no data.  Its not just

...

jholmes by L1 Bithead
  • 3061 Views
  • 3 replies
  • 0 Likes

Local user authentication

Hi all,

What does it mean if I create a rule that allows http/https services only for authenticated users from local user database between 2 zones? Will the users have to authenticate to the firewall first? How?

Thanks!

Peter 

AD groups will not show up in PA

I have a new AD group that I made that I want to use in a PA rule. Its been 24 hours and it has not shown up.

Firmware: 4.1.7

We use Radius.

Maybe i should reboot the radius servers ...

thanks

choff123 by L3 Networker
  • 1854 Views
  • 3 replies
  • 1 Likes

Allow Ping to Layer3 Sub-Interfaces by default

Hi,

I have Palo acting as Layer3 gateway and I would like to always allow clients within the VLAN to Ping their default gateway (i.e. Layer3 Sub-Interfaces on Palo firewall) by default (running in Active/Passive mode). In my case multiple Layer3 Sub-I

...

DCN by Not applicable
  • 1291 Views
  • 3 replies
  • 0 Likes
Top Liked Authors