General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

6.1.2 LSVPN/VPN Hang - Reboot Required

I am having some issues as well with 6.1.2 and LSVPN to hub which is on 6.0.5h3. This is vaguely referenced here by others Anyone use 6.1.2? Is it stable where everyone affected, says yeah there's this IPSEC issue and never actually describes what they are seeing. So I'm going to detail what I am seeing. I had two PA-200 devices overnight go...

PA2050 en PanOS 6.1.x

Hey All,Anyone has a PA2050 running 6.1.x and see an improvement in commit times relative to PanOS 6.0.x? Or do the added features just slow down the MGMT plane even more?We have one running in the lab, but since no real traffic is going over it, it is hard to pinpoint the effect of an upgrade.

mr.linus by L4 Transporter
  • 2829 Views
  • 1 replies
  • 0 Likes

Cannot view software update on support portal

Hi Guys,Did you ever experienced the below:When our customer tried to access software update page on their support portal they saw 'no software updates found'Does this mean the account doesn't have access to the software info?Thanks,Cheers,Mel

MelLi by L2 Linker
  • 3382 Views
  • 2 replies
  • 0 Likes

Fortigate Cloud Firewall running on FortiOS Version 5. Is this supported by Palo Alto ?

Hello All,We would like to know whether the Fortigate Cloud Firewall running on FortiOS Version 5 is supported by PA for IPsec VPN as we are getting below error and tunnel is not coming up.2015-03-17 10:53:28 [DEBUG]: vendorid.c:274:check_vendorid(): received unknown Vendor ID à Other End device is a Fortigate Cloud Firewall running on FortiOS V...

tac.in by L3 Networker
  • 3172 Views
  • 3 replies
  • 0 Likes

IP region assignment

PA 500 running PANOS 6.1.2We have regional blocks in place that block inbound traffic originating from non-US IP's. However, we have discovered a bit of a dilemma.We have found that an IP such as 137.135.135.1 originates from Ireland and geomaps as such, but according to whois query is registered to MS in Redmond, WA. So, it is allowed through d...

Resolved! Usage scenario for Change Monitor?

I took a look at the Change Monitor today but really struggled to find a use case for it. Does anyone use this frequently and for what?Thanks!

Dz3015 by L4 Transporter
  • 4956 Views
  • 4 replies
  • 0 Likes

Downgrade PAN-OS-6 back to PAN-OS-5??

Per this discussion:PA-2000/4000 trade-in I am also caught in the same boat. From what I recall PAN-OS-5 worked ok on the PA-2020's. Because of all the issues I am experiencing with OS 6 and the inferior product, I am wondering if anyone had success downgrading their OS 6 back to 5. I know I have just over a year before that OS is EOL, but it ...

cmateam by L3 Networker
  • 7214 Views
  • 6 replies
  • 0 Likes

TRACKING static route

Hello All,I have the below queries.1) How configure 'TRACK' in Static Route (want to monitor the Gateway, As soon as current Gateway is fail immediately traffic will move to another Gateway) 2) How to configure multiple Peer Gateway in a single IPSEC Site to Site VPN( Diagram attached here with) 3)How to add multiple Remote subnet in Proxy IDs...

tac.in by L3 Networker
  • 2259 Views
  • 1 replies
  • 0 Likes

Mail attachment virus scanning

How can I implement proper mail attachment virus scanning ?For incoming mail, I have an antivirus security profile in place that should block virusses (smtp decoder), nothing fancy really:I notice that the PA doesn't filter attached virusses too well. Luckily (as is best practice) I have several layers of antivirus protection for mail:external s...

dieter_b by L4 Transporter
  • 10796 Views
  • 10 replies
  • 0 Likes

Wildfire Action doubt

Hello,We do not have license wildfire in some of our devices.Do you know if wildfire action (Antivirus Profile) would function without this license?Regards,dicu

SOC_CSG by L4 Transporter
  • 3138 Views
  • 2 replies
  • 0 Likes

Inspection of 'http-proxy' traffic

My instinct when I read my own title is to tell me to block the app-id type http-proxy as I can't see inside it and it shouldn't be on my network.However, I have a requirement, mostly due to legacy infrastructure, where all the traffic passing through my PA firewall will effectively terminate on a proxy server (probably bluecoat) further down th...

loki by L1 Bithead
  • 7502 Views
  • 4 replies
  • 1 Likes

Can Palo Alto be used as a reverse proxy?

We have this scenario that Palo Alto will receive the inbound mail then will be pass to the PMX server(pure message) going to the exchange server. After going to the exchange server, it must be forwarded to the FW but the problem is that the Core Switch doesn't have a default route configured. Is there any way that Palo Alto can receive the mail...

TSPI by L1 Bithead
  • 15434 Views
  • 4 replies
  • 0 Likes

Resolved! LACP from PA to Juniper Switching

Got an odd issue I was hoping someone may have seen.PA 500 setting up a 4 port LACP bond to juniper switches. Running PanOS 6.1.2Setup the LACP bond on both ends, LACP would not negotiate. Spent many hours wtf’ing, couldn’t find anything odd anywhere, other LACP bonds we’ve setup previously work perfectly.Eventually looking at other config snipp...

Resolved! Unable to manually upload dynamic content

Hello,I am currently working on a new PA-3020 deployment. The device has been delivered with old PanOS 5.0.6 release. Also I would like to upgrade it to last PanOS 6.0.x release before going ahead with configuration.The device has currently no access to Internet, also I have to manually upgrade the device. In order to achieve this, I firstly hav...

ldormond by L3 Networker
  • 6690 Views
  • 2 replies
  • 0 Likes
  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels