General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 424 Views
  • 0 replies
  • 2 Likes

Interface goes Down when speed set to 1000!

Hi,

I was getting complains for slow download speed, so I tried to change the speed setting on interface from auto to 1000, but the interface went down.

Link status:

  Runtime link speed/duplex/state: unknown/unknown/down

  Configured link speed/duplex/s

...

Besfort by L2 Linker
  • 9034 Views
  • 9 replies
  • 0 Likes

With out ARP entry internet is not working.

Dear Friends,

I have 2 interfaces in PAN->lan zone and internet zone

ISP router-huawei mac is not learned in palo alto firewall..As a result, Internet not working

But when i add static ARP entry for huawei router in ISP interface, Internet is working fi

...

Satish by L4 Transporter
  • 4379 Views
  • 7 replies
  • 0 Likes

User-ID Problems when I change the User on Group in AD.

Dear sirs,

I am facing a strange behavior in my network environment, as the identification of users, every time I change one User Group in my AD group to which he belonged fails to do correctly match the rule that created him and passes out by an "AN

...

Resolved! SSL Inbound Inspection: key vs cert, destination address

The PAN-OS Administrator's Guide for version 6.0 gives a description of setting up SSL Inbound Inspection on page 295.  In step 2, it instructs to import the target's certificate.  In step 4 it instructs to create a decryption policy by specifying th

...

cstech by L2 Linker
  • 3135 Views
  • 2 replies
  • 1 Likes

Resolved! Default antivirus profiles on a "deny" policy

Hello,

What does it mean to attach the "default antivirus profile" to a deny policy?  Does that mean that traffic matching that rule will be both denied and scanned for viruses?  (I have the same question for the other profiles too).

Thank you,

Chris

cstech by L2 Linker
  • 4204 Views
  • 7 replies
  • 0 Likes

NAT Traversal over IPSEC Tunnel

Guys and Gals,
I have been working to set up NAT-T across an IPSec tunnel between two PA-200's in my lab and am not having success.  I have followed documentation and suggestions I could find on this site, but I am unable to get NAT-T working and was

...

dan731028 by L3 Networker
  • 6369 Views
  • 4 replies
  • 0 Likes

URL category blocked but appears as allowed!!

hi,

I've applied web filtering where I blocked ulr categories such as peer-to-peer, games etc, but in traffic logs it appears that it is allowed:

peer-to-peer url category:

and same with games category:

But it is also showing that it is blocking those ca

...

Besfort by L2 Linker
  • 3214 Views
  • 3 replies
  • 0 Likes

Problems adding an IPv4 Address to a Firewall!

Hi,

I've been looking after some Palo Alto Firewalls for about a year and half now; and I'm still not sure quite how to add an IP address correctly!  Something is definitely wrong here! 

The setup in question consists of a pair of PA5020 firewalls con

...

ajbool by L3 Networker
  • 5359 Views
  • 1 replies
  • 0 Likes

youtube not working because recognized as google-video-base

Hi,

when we browse to youtube and try to watch a video there is an error displayed and the video does not start.

This only happens when using Internet Explorer.

When i take google chrome it works.

I looked to the traffic log and see that google-video-bas

...

kbe by L3 Networker
  • 9506 Views
  • 20 replies
  • 1 Likes

What's your experience with 6.0.x?

We started configuring an HA pair of 5020's on 6.0.3.  We have yet to pass any traffic through it.  I would like to get feedback on real world Palo Alto firewalls that are running 6.0.x and how stable/unstable they are.

I did read one thread where a f

...

jambulo by L4 Transporter
  • 6673 Views
  • 11 replies
  • 1 Likes

How to identify unused objects?

Hi All,

Is it possible to identify unused objects,.? eg: address, address group, app group etc

We are using PS2050 which is taking too much time for commit ( arroung 30 minutes) so i want to remove unused objects from the device which may helps to impr

...

Gururaj by L4 Transporter
  • 6017 Views
  • 5 replies
  • 0 Likes

Resolved! Apple MAC's and User-ID

We recently implemented a pair of PA-3020 in an Active/Passive cluster.

I have been working on USER-ID, but have an issue. There are about 2500 Apple MAC computers

on site. They are binded to AD , even if an AD user uses logs in to an Apple MAC there a

...

UA_MC by L1 Bithead
  • 11515 Views
  • 4 replies
  • 1 Likes
  • 23696 Posts
  • 110 Subscriptions
Top Solution Authors
Labels