General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! Unable to manually upload dynamic content

Hello,

I am currently working on a new PA-3020 deployment. The device has been delivered with old PanOS 5.0.6 release. Also I would like to upgrade it to last PanOS 6.0.x release before going ahead with configuration.

The device has currently no access

...

ldormond by L3 Networker
  • 4721 Views
  • 2 replies
  • 0 Likes

Resolved! Secure LDAP Policy Rule Setup

Hello.

I am trying to setup an application policy rule to allow secure LDAP from our hosting company back to our internal domain controller running MS AD.  I have the appropriate NAT statement setup.

If you look in the log screenshot above, you'll see

...

dannon by L3 Networker
  • 9712 Views
  • 2 replies
  • 0 Likes

Resolved! User-ID Agent Errors on Domain Controllers

I'm getting the following error showing up in event viewer on our Windows domain controller.  We have 4 DC total that have the the user-id agent installed.

As you can see, I am getting a lot of these error.  The IP in question is one from our BYOD sub

...

dannon by L3 Networker
  • 6431 Views
  • 3 replies
  • 0 Likes

Certificate failed to load

Hi all,

We have two PA-4060 in active/passive mode with PAN-OS 4.1.12 (I know, old..).

Yesterday, after rebooting passive device auto commit failed with:

Error: Certificate 'XYZ' failed to load: failed to parse key

and device went to not-ready state.

Afte

...

ISSUE WITH GLOBAL PROTECT

We have configured One VR-1 only

Ethernet 1/1 is a WAN interface

Ethernet 1/2 is a WAN interface

Ethernet 1/3 is a WAN interface

Ethernet 1/4 is a LAN interface

We’ve created

ETH1-ZONE for Ethernet 1/1

ETH2-ZONE for Ethernet 1/2

ETH3-ZONE for Ethernet 1/3

ET

...

What happens if Dynamic Block List server is inaccessible?

If we are retrieving a list of IP's via Dynamic Block List to Allow and/or Deny traffic, what would happen if the web server hosting the .txt file is inaccessible during a refresh? Would the DBL object lose all of the IP addresses and render the rule

...

jambulo by L4 Transporter
  • 2756 Views
  • 3 replies
  • 0 Likes

Issues with geolocation IP addresses

Hello,

We have policies (geolocation) which only allow connection from Spain and Andorra.

In many cases the IP addresses identified by geolocation, is not properly updated and sometimes Palo Alto identifies an IP like another country rather than as Spa

...

SOC_CSG by L4 Transporter
  • 11334 Views
  • 10 replies
  • 0 Likes

Resolved! Problems with configuring Palo Alto PA-500 Firewall

Hi Guys,

I can connect via serial and console port from CLI to Firewall. But when i am trying to set ip for management interface i'm getting the following error

Server error : system -> authentication-profile 'LDAP Authentication Profile' is

not a vali

...

  • 24034 Posts
  • 102 Subscriptions
Top Liked Authors
Labels