General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 419 Views
  • 0 replies
  • 2 Likes

User IP-user-mapping incorrect

(PA3000 series FW running 6.0.2) Getting users being blocked by the captive portal from a local service account running on their machine.. only way around it is to disable the service and/or account and then flush the user to ip mapping cache.  Any w

...

rrau by L3 Networker
  • 5537 Views
  • 14 replies
  • 0 Likes

Resolved! Weighted dynamic routing on edge - possible?

Folks.

Current company is looking to expand to another site (yay for me - I get to upgrade my 2020's to 3020's at the head office!), however I'm in a bit of a quandary on getting the new site working.

The new site is going to have two internet links fo

...

darren_g by L4 Transporter
  • 2622 Views
  • 5 replies
  • 0 Likes

Commit times

I'd like to hear some feedback from users on the 3050 hardware. We currently use the 2020's and commit times are between 30-60 minutes. We've been using this platform for several years and been through tech support dozens of times on this issue. I un

...

Panorama HA Pair setup question

I have two new PA-500 firewalls and want to install it in Active/Passive setup. Right now only the management interfaces are connected. I did the initial setup, updated the software to 6.0.4 and connected both firewalls to Panorama. I did not assign

...

Resolved! Multiple bidirectional NATs with multiple public IPs

Hello,

I have /26 public IP addresses (164.67.80.65 - 164.67.80.126).  I bound ethernet 1/1 to 164.67.80.77/24.  Then I created a bidirectional NAT connecting 164.67.80.77 to 192.168.1.77.  Works great.  Now I want to setup a second bidirectional NAT:

...

cstech by L2 Linker
  • 3702 Views
  • 6 replies
  • 0 Likes

Resolved! Address objects: IP vs IP Netmask

Hello,

I have an address I would like to represent as an "Address Object".  The address is 164.67.80.78 and the netmask is 255.255.255.192.  I created an "Address Object" with an "IP Netmask" of 164.67.80.78/26.

I used this "Address Object" to set the

...

cstech by L2 Linker
  • 4513 Views
  • 4 replies
  • 0 Likes

Slowness over VPN

I just modified a PA-200 in our remote office to use two internet connections and two VPN connections for fail-over. The tunnels are up and are passing traffic fine for me, however users in that office are complaining about slowness over the VPN. The

...

Resolved! IKE phase 2 negotiation fail

Hi,

I'm having a hard time bringing up a VPN tunnel from my PA-5020 to a Cisco firewall.  I'm getting the following:

'IKE phase-2 negotiation failed when processing proxy ID. cannot find matching phase-2 tunnel for received proxy ID. received local id:

...

przyboro by L1 Bithead
  • 4544 Views
  • 3 replies
  • 0 Likes

Resolved! Application Dependency


Hello

We currently block access to Scribd for our employees. We now want to allow Scribd and I was looking through the Applipedia and noticed "scribd-base" but it also has dependencies of "web-browsing" and ssl". If I add those dependencies will they

...

RyanA. by L0 Member
  • 4292 Views
  • 4 replies
  • 0 Likes

App dependencies - that's creazy!!

Hello

Today I have to add MS Lync to be allowed from VPN. Sound simple.

So I add to security rule ms-lync

.

but during commit I get warnings:

ok, I added ms-lync-online but I get another warning:

DO I really need to add every particular aplication by hands

...

_slv_ by L4 Transporter
  • 5553 Views
  • 12 replies
  • 1 Likes

Virtual wire for two different VLANs!

Hi,

I wanted to apply a virtual wire between two sub-interfaces 1.10 and 2.20, which are basically in two different VLAN ID (10 and 20), but I'm getting an error saying that sub-interfaces cannot have interfaces with different VLAN (10/20).

Is this the

...

Besfort by L2 Linker
  • 6975 Views
  • 7 replies
  • 0 Likes
  • 23695 Posts
  • 110 Subscriptions
Top Solution Authors
Labels