General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! How to REJECT instead of DROP?

Try as I might, I cannot find a way to do the equivalent of the venerable iptables target REJECT --with-icmp-ureachable or --with-tcp-reset for basic firewalling on a 4020.


This is handy for bouncing internal clients quickly, whereas DROP is better to

...

Priyan by Not applicable
  • 15428 Views
  • 11 replies
  • 1 Likes

Dynamic DNS URL Redirect Control

Hello,

Most of the "Dynamic DNS" sites are categorized as Computer and Internet Info (PANDB).  On occasion a device will get infected because of a Dynamic DNS redirect to a malicious site.  The initial URL connection is through one of the DDNS sites. 

...

CRHC by L4 Transporter
  • 2408 Views
  • 1 replies
  • 0 Likes

V-Wire Mode with trunk

Hey Guys,

i am about to deploy PaloAlto 5020 in a v-wire mode with trunk on them, does any one has any known issues that i may encounter

here is the topology

Current: switch ====(trunk)===== cisco firewall

new: switch======(trunk)=====PaloAlto (vwire)==

...

Harshit by L3 Networker
  • 1965 Views
  • 2 replies
  • 0 Likes

VPN Global Protect

Hello everbody

Configured on a global protect our customers and all this working well, just a little problem that we try,can  not send icmp packets via hostname only via IP Address, on your local network can ping both via hostname as IP Address. I'm p

...

ike policy

What part of the configuration on the PA matching what is called the ike policy on the Cisco?

infotech by L4 Transporter
  • 6597 Views
  • 22 replies
  • 0 Likes

Resolved! security-policy-match from the API

I'm trying to write a tool that will test security policy from a web portal. I cannot seem to get the command working properly, though. The URL I'm using on the firewall is this:

https://host.local/api/?key=keyhere&type=op&cmd=<test><security-policy-m

...

txadmin by L0 Member
  • 3179 Views
  • 3 replies
  • 0 Likes

Resolved! Error when trying to restart management-server

My PA 2020 box has been a bit slow of late, and it also has failed on 2 commits so I thought I would drop onto CLI and do a debug software restart management-server

as this would usually pick things up when I have had the problem in the past.


But when

...

JRussell by L3 Networker
  • 9415 Views
  • 4 replies
  • 0 Likes
  • 23591 Posts
  • 103 Subscriptions
Top Solution Authors
Top Liked Authors
Labels