General Topics
cancel
Showing results for 
Search instead for 
Did you mean: 
General Topics

Discussions

Join Us for a Tech Deep Dive Miniseries!

 

Stop Zero-Day Threats in Zero Time with Nebula PAN-OS 10.2.

 

Join us live for an in-depth look at the latest advancements in cybersecurity, best practices, tips and tricks, demos and
more to protect your business and defend against threats in real

...

nebula-on-demand-tech-deep-dive-miniseries-live-community-banner-2600x600.jpg
jforsythe by Community Team Member
  • 471 Views
  • 3 replies
  • 1 Likes

HA path monitoring in virtual wire

I've seen a couple answers here about using Path Monitoring in Virtual Wire. They say that one must use an IP address within the Virtual Wire subnet as the source address. OK, I get that. What I don't get is how to configure such an address. I don't

...

gmparis by Not applicable
  • 6137 Views
  • 22 replies
  • 0 Likes

Resolved! licensing VPN clients

hi!

I would need some help understanding the PAN licensing model fo VPN clients. we are planning a new deployment and would like to offer our clients (Windows and iOS based) the possibility to access corporate resources. since only a very basic functi

...

santonic by L5 Sessionator
  • 2141 Views
  • 4 replies
  • 0 Likes

Resolved! Do I configure proxy-id in ipsec-vpn certainly?

Hello all,

What is proxy-id in ipsec-vpn configuration??

Why does it need??

I will use ipsec-vpn on PA-2020 & PA-500.

Each devices have 15 proxy-id(remote-networks).

I know one tunnel interface has 10 proxy-ids.

So I have tested without proxy-id that traff

...

GlobalProtect Access-list

obalHello

He have several servers behind a Palo Alto Firewall. As they are managed by different admin groups we have access lists that filter the management acceso.

So:

- Unix_Admin_Network (10.1.1.0) -> has access ssh access to Unix Servers

- Windows_Ad

...

PA 5050 Admin Account Rename/Deletion

Hi All

I am using one PA 5050 firewall and all is working fine. Just want to know if I can rename or delete the Admin (Default) account in the box. This account is default account and is there any limitation if we delete it or rename it. If  I delete

...

itsecll by L1 Bithead
  • 1148 Views
  • 2 replies
  • 1 Likes

SSL DECRYPTION AND FACEBOOK-CHAT

Hi,

i enabled ssl decryption and wrote 3 rules

1. allow facebook-chat

2. deny facebook-apps,

3. allow from trust to untrust with url filtering (and allowed facebook)

everythings works fine but facebook-chat suddenly connecting and disconnecting..

How can

...

lildeniz by L3 Networker
  • 600 Views
  • 0 replies
  • 0 Likes

Number of URLs on PAN-DB

Hi,

How much URLs does PAN-could-DB have recently?

We can confirm that the number of URLs BrightCloud classfied URLs in their web site:

BrightCloud, Inc.

Regards,

Tomoyuki Komure

komure by Not applicable
  • 954 Views
  • 0 replies
  • 0 Likes

Resolved! What did I miss? Cross-zone/vpn traffic

New PA200 installed and working on getting it setup. Aside from a 2wk demo, I have little experience with PAN.

I've got a Site-To-Site VPN configured to an ASA5505 at another of our offices.

I have one zone setup for a Wifi network. (Called Wifi) IP sp

...

Nathan.S by L3 Networker
  • 3573 Views
  • 18 replies
  • 0 Likes

HA-system separated with two datacenters

Man have two datacenters and there are about 15-20km between them. The datacenters are connected by dark fiber with 1Gb bandwidth, is it possible to make HA-system to this setup? I mean so, that one of the PA-unit is in the primary datacenter and ano

...

GP and Multiple Gateways

I get from the documentation that GP client can automatically detect the best GP Gateway to connect to via response times.

Does anyone know the exact process the GP client uses to connect to a deployment with multiple gateways.

In this case we have on

...

msamoska by L1 Bithead
  • 1828 Views
  • 3 replies
  • 0 Likes

Resolved! NAt problem with paloalto

Hi,

i have 3 zone trust untrust and dmz

dmz:91.239.204.0/24

trust:10.0.0.0/8

untrust: anything 

when i try to nat from untrust to trust 91.239.204.22--->10.1.1.34 packet goes to dmz interface...i think problem is nat before routing or routing before nat

...

lildeniz by L3 Networker
  • 1442 Views
  • 2 replies
  • 0 Likes
Top Liked Authors