General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 595 Views
  • 0 replies
  • 0 Likes

PAN failover causes Cisco issues

Hi Guys,

Has anyone seen the PAN causing an issue with Cisco ASAs when doing a failover? I don't have much details yet but wanted to see if anyone has seen this or something similar.

Thank you in advance.


x by L1 Bithead
  • 5247 Views
  • 7 replies
  • 0 Likes

security policies: application vs service

how are application and service treated in a given policy?

multiple apps in a policy?

multiple services in a policy?

apps and services in a policy?

how are the different scenarios and'ed or or'ed?

Thanks

David

Resolved! Is it possible that traffics go on each other sub-interfaces with same physical interface?

Hello.

I want to make the following network-diagram. Is it possible?

A Cisco Nexus              Paloalto

VRF-1 ----------------------> eth1/1.1 | 1.1.1.1 | VR : default | trust

                 tag 10                                |

                     

...

Can I make custom application from MIME type?

Hello,

I want to make custom application(or vulnerability) from MIME type.

EXE of MIME Type is 'application/x-msdownload'

So I made two customer applications as the following patterns.

1. application/x\-msdownload

2. \x61 70 70 6c 69 63 61 74 69 6f 6e 2f

...

Resolved! SSL Ciphers

Does anyone have the ciphers list to configure on ISS and Apache that will fully support decryption? We're running PAN-OS 6.0.

mharding by L4 Transporter
  • 5325 Views
  • 4 replies
  • 0 Likes

Resolved! GlobalProtect Gateway on Different IP address

Let's say we  have an external facing interface  Ethernet1/3  with  Ip address of 1.1.1.14/28.   The upstream isp router is 1.1.1.1 all other addresses (1.1.1.2-1.1.1.14) are routed to the Palo Alto and in use for various web services, etc..

Per the d

...

travisj by L2 Linker
  • 5598 Views
  • 4 replies
  • 0 Likes

Resolved! VPN port and default port the same?

Hallo all,

i have only one phyical ethernet interface on firewall which is facing the internet. I also want to make this PA firewall as an IPSEC Tunnel endpoint. So all my internal traffic uses this ethernet interface to go to internet. And VPN traffi

...

Basic noobie question.

I am looking to what I would call port address translation, but am unfamiliar with how to do it on the PA. Basically I need a public IP to route SNMP traffic to one inside address, and syslog traffic to another inside address. This will also only app

...

mcocat by Not applicable
  • 3501 Views
  • 6 replies
  • 0 Likes

Resolved! WildFire Question

Have a question about the functionality of WildFire.  Here is the scenario (assume we have a WildFire subscription so we are getting updates every 30 minutes):

  1. User gets an email to download "file.exe" at 0800
  2. This hash does not match anything and is s
...

mrsold by Not applicable
  • 6330 Views
  • 7 replies
  • 0 Likes

Resolved! Userid Not detected for some traffic

We are using 4 User-id Agents and today some users started experiencing problems with certain sites they use.  The same sites for all users.... but not all sites.  We have many ad group based rules and some are still working while others seem to have

...

cdp181 by L1 Bithead
  • 6051 Views
  • 3 replies
  • 0 Likes

Resolved! PAN OS Upgrade 6.0.5 failure and success

Hello All

Out of the box, my 3050 Firewall had PAN OS 5.0.x and I wanted to upgrade it to.the latest 6.0.5 release. My Firewall does not have internet access yet, and so all the following things were done offline by downloading files on my laptop.

So,

...

VMware View rules configuration

Does anyone have any information on how to get user-id to work with a VMware View security server sitting in the DMZ? Right now the only way we can get PCoIP traffic to flow to is by specifying the ip of the VDI machine that is being connected to. Wh

...

Global Protect Troubleshooting

I have a portal and 3 gateway's setup.  From my home network and a couple other home networks Global Protect works with no issues,  We can disable the client, re enable it, change to different gateways on the fly and it connects right up.

Now for some

...

markk96 by L3 Networker
  • 5201 Views
  • 4 replies
  • 0 Likes
  • 24108 Posts
  • 117 Subscriptions
Top Liked Authors
Labels