General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 422 Views
  • 0 replies
  • 2 Likes

Resolved! App-ID for Apple iOS Update

Hi All,

I'm preparing for tomorrow's iOS8 update.  Last year with iOS7, we got slammed on bandwidth.  This year now that we have the Palo Alto, I'm configuring QoS so that the iOS update doesn't eat all of our bandwidth.

Does anyone know what App-ID th

...

wocomike by L1 Bithead
  • 5931 Views
  • 5 replies
  • 0 Likes

User-ID IP mapping

Why does some traffic in the logs not have a user tied to the IP address at times even tho in the logs the IP has a user mapped to it most of the time.  This is causing policy to be dropped down to a different level.

markk96 by L3 Networker
  • 2920 Views
  • 5 replies
  • 0 Likes

Issue with static routes.

I look after a PA2050 running OS 4.1.8

I am trying to setup 2 new static routes in my virtual router but they are not being picked up when I do a show routing route or show routing fib after a commit.

One of the routes is a new one and the other is a r

...

phild by Not applicable
  • 6933 Views
  • 12 replies
  • 0 Likes

Resolved! How to remove an address-group member via XML API

Hi,

I would like to remove a single member from an address-group, here is the query I am sending:

https://firewall1.it.mydomain.net/api/?type=config&action=delete&xpath=/config/devices/entry/vsys/entry[@name='vsys1']/address-group/entry[@name='NameOfTh

...

Alextc by Not applicable
  • 5403 Views
  • 3 replies
  • 0 Likes

PAN in Layer 2 mode and Microsoft NLB

Hi!

Customer configured Palo firewall to work in Layer 2 mode to protect VLAN. In that VLAN there are two servers in MS NLB configuration. In VLAN configuration in Palo, static MAC entry is configured for virtual MAC address, but that entry isn't disp

...

mkopcic by L2 Linker
  • 4592 Views
  • 4 replies
  • 0 Likes

Resolved! App and Threat Compatibility MisMatch

Hey there,

I have 2 PA-500's currently on:

Software Version6.0.2GlobalProtect Agent1.2.3Application version461-2402 (10/14/14)Threat Version461-2402 (10/14/14)Antivirus Version1391-1863 (10/13/14)URL Filtering version4392

Software Version6.0.2GlobalProt...

Zewwy by L3 Networker
  • 7092 Views
  • 9 replies
  • 0 Likes

Resolved! PA-5020 Fans?

Just checking to see if this is normal.

I got a report today that the fan speed on our PA-5020 will speed up at random times, and calm back down. It's loud enough people can hear it outside of the closet.

Is that normal?

mharding by L4 Transporter
  • 2819 Views
  • 2 replies
  • 0 Likes

SSL Decryption

Hello,

We have quite a few students using hotspot shield and other tunneling apps to get around our filter. I've been successful in block a majority of them by blocking the hotspot shield app. However there are still a number of them getting though by

...

cpkaiser by Not applicable
  • 3280 Views
  • 5 replies
  • 0 Likes

Resolved! Can not check Forward Trust Certificate

Hi All,

My device is PANOS 6.0.5;

I have a problem with Certificate configuration.

On my device, I generate a Certificate follow How to Generate a CSR(Certificate Signing Request) and Import the Signed Certificate;

After, my 3rd party CA issue complete,

...

Certificate Bundle

Hi,

I'm get error on commit: "Warning: cannot find complete cerficate chain for certificate Certificate_Bundle"

I notice there are three bundles in the device certificates, but how do I know which bundle is being used?

How to I test this without breakin

...

asabadin by L1 Bithead
  • 4263 Views
  • 6 replies
  • 0 Likes

How to read SNMP Values from VPN-Tunnel-Interfaces?

Is it very easy to read SNNP Values from physical interfaces:

Connect the SNMP Browser to the PA

Set the right Community password:

PA shows you the interfaces - but only the physical IFs.

How to read SNMP Values from VPN-Tunnel-Interfaces?

Roman

See: Palo

...

rkra by L2 Linker
  • 2398 Views
  • 4 replies
  • 0 Likes

Resolved! GlobalProtect Client and Windows 8

PA-200

Software version 6.01

GP Agent 2.0.4

I've installed GP client on perhaps a dozen workstations, and finally have one that will not authenticate.  Help.

Installed the machine certificate okay, installed the agent.  Opened the app from the system tra

...

bdunbar by L3 Networker
  • 5867 Views
  • 6 replies
  • 0 Likes

HA failover when 1 port loses conectivity


Looking for ways to setup a PA5020 pair for HA that takes into account if the link to one interface goes down the system fail over.  I have hear of possibilities of using a "HEARTBEAT" up the link to cause the failover when it fails.

  • 23695 Posts
  • 110 Subscriptions
Top Solution Authors
Labels