This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Resolved! Cannot run GlobalProtect Portal on preferred IP address

Please correct any wrong statements:

1. I connect my PA to the "untrust internet" via ethernet 1/1

2. My ISP assigned me 164.67.80.0/24 block of IPV4 addresses (actually this is a lie...)

3. I assigned 164.67.80.2/24 to ethernet 1/1

4. The PA is capable

...

cstech by L2 Linker
  • 3213 Views
  • 3 replies
  • 0 Likes

Mirror traffic from tunnel interfaces to SPAN port

Hello Everyone,

I'm new to the PA firewall's and trying to figure out how to monitor my tunnel interfaces, and the traffic flowing through them.

I have a PA-3020 running as an endpoint for several tunnels. I want to mirror the traffic from those tunn

...

edevansky by Not applicable
  • 4107 Views
  • 5 replies
  • 0 Likes

Destination NAT on a Vwire?

Is there documentation on how to do this?  All I have found is incomplete.  Is the Destination Zone the same or different than the Source Zone?  Do the addresses have to include the subnet mask?  Are there any complete examples available?

kentjday by L1 Bithead
  • 4531 Views
  • 10 replies
  • 0 Likes

Resolved! Help with custom vulnerability signature

Can someone provide documentation and insight in regards to creating custom IPS signatures based on the follow scenario?

Consider you have an FTP server. The USER command is vulnerable to buffer overflow. How does one create a custom signature to iden

...

SDorsey by L4 Transporter
  • 2834 Views
  • 4 replies
  • 0 Likes

EDNS Support

In the recent code releases has support for EDNS been added...If so, what release and can you point me in the direction of a good EDNS tech doc?!!

Thank you in advanced,

-jc

jclimer by L0 Member
  • 5059 Views
  • 5 replies
  • 0 Likes

Security Policy-by Computer Name in domain

Hi,

I have a requirement from a customer, that he doesn't want user based security policy for a certain location.

He want that only specific computer names which are in domain should be blocked for certain application.

Is this possible using global pro

...

NiteshS by L2 Linker
  • 2758 Views
  • 2 replies
  • 0 Likes

Redundant Ports

Hi,

the customer is looking for a redundant ports as there looking for a cross connection between two different switches.

is this possible? etherchannel/aggregate port configuration doesn't solve that issue as aggregate port goes in the same switch onl

...

NiteshS by L2 Linker
  • 3477 Views
  • 4 replies
  • 0 Likes

List of custom risks

Hi,

Just started out configuring a new PA3020 and decided to block all risk level 5... there are a couple of apps that I wanted to allow through so re-graded them risk 4.

In the future I want to ensure this is manageable, is there somewhere on the syst

...

Resolved! Panorama Botnet View

Hi All,

Where do you find the Botnet monitor and reports for firewalls running 4.x from a Panorama interface running 4.x? And minimum level permission is required in order to see these Botnet reports?

Appreciate the assistance.

apc050 by Not applicable
  • 5117 Views
  • 6 replies
  • 0 Likes

Active Directory Users not Authenticating to GP

Hi,

We configured agentless User-ID with our PAN OS 5.0.2. We created policies using the AD usernames and it is working fine.

However, We are trying to configure our GP to authenticate using the AD users. This is not working and we are getting the foll

...

rsaber by L1 Bithead
  • 2489 Views
  • 3 replies
  • 0 Likes

Resolved! Using Local DB and LDAP for Global Protect

Hi All,

Is it possible to have Local and LDAP users authenticate to the Global Protect Client.

In the GP configuration, I can only choose one Authentication Profile, which is chosen for Local DB.

I tried to configure another GP Portal but I could not us

...

rsaber by L1 Bithead
  • 3140 Views
  • 3 replies
  • 0 Likes

Best practices for HA PANs and switch stack

For this scenario, assume a simple setup. Two firewalls in HA and two switches in a stack. Also assume the firewalls are in active/passive. Consider the below setup, each firewall has one physical link to separate switch members of the stack.

In this

...

SDorsey by L4 Transporter
  • 8063 Views
  • 14 replies
  • 0 Likes
  • 24204 Posts
  • 100 Subscriptions
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks