General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Problems creating IPSec VPN to Cisco ASA

Hi,I have been having difficulties trying to configure an IPSec tunnel between a PA500 and Cisco ASA. I can get the tunnel up as it show's as green under the IPSec section however no traffic seems to flow through the tunnel and there is no connectivity. I am essentially using the IPSec VPN to allow a GRE tunnel from a partner companies router ...

DNS Proxy doesn't work

Hi,I configured dns proxy like have been deescribe on palo-alto but it doesn't work at all.I made this steps:1 - enabled dns proxy on l3 vlan interface2 - set two dns servers to use3 - enabled cacheBut i don't see anything in dns proxy cache.Maybe i forgot something?TnxAnswer

puzzel by L0 Member
  • 4483 Views
  • 5 replies
  • 0 Likes

IP Renumbering - trying to avert a slow motion disaster

PAN-200PAN OS 6I am no networking guy, but he left, so there is me dealing with this.We've embarked on a great project to renumber our IP addresses with very little thought in advance.There aren't that many, we said. What could go wrong, we thought. Well, for starters, one host that I've cutover to the new scheme can't see 'the internet' but hi...

bdunbar by L3 Networker
  • 9495 Views
  • 11 replies
  • 1 Likes

ONE External IP to MANY Internal IP NAT

I believe I know the answer after looking around.We have NATs that work fine when it is 1to1.But what about 1 External IP that represents many Internal Hosts? We have multiple websites that when you do a lookup in DNS, they all point to a singular public facing IP. That public facing IP is represented by our ISA. External ...

greeng by L2 Linker
  • 7043 Views
  • 7 replies
  • 0 Likes

Server certificate verification failed

Hi there,I wonder if I can finally resolve my continuous problems with GP and Windows machines.I have 0 problems with Android and Apple devices but Windows XP,7,8 or 8.1 give identical outcome. Problems, Problems and more problems.Please let me start from the configuration:1.2. Gateway3. cert4. cert againHowever, each time I try to logon I conti...

Has anyone been able to correlate performance issues due to the number of security rules present?

I was thinking about writing very specific security rules for around 15 hosts. The rules would essentially whitelist traffic by destination ips and application. I am somewhat concerned that adding this many additional rules could potentially slow traffic down an appreciable amount for traffic that would match on rules below these.Has anyone ru...

bgirdner by L2 Linker
  • 3175 Views
  • 1 replies
  • 0 Likes

Advice blocking URl/ZIP

Hi,We are receiving the same emails,which last 28/11/14, infected our system with cryptoloker. These links come from different domains but have in common the following urlhttp://xxxxxxxx.xx/Billing/invoice.zip. How could we avoid that if someone clicks the link, not end infecting our systems? any advice?????thanks

SOC_CSG by L4 Transporter
  • 6617 Views
  • 9 replies
  • 0 Likes

VPN commands

Hi Friends,I need cmd for tunnel up time status.I mean I want to look how many days tunnel is up and down. RegardsSatish

Satish by L4 Transporter
  • 2932 Views
  • 3 replies
  • 0 Likes

Optimization tips for GlobalProtect?

Hi Guys,Does anyone have any optimization tips that they've done for GlobalProtect? Looking for ways to speed up auth in the event the client gets disconnected when the device switches from wifi to cellular network. What we are seeing is it disconnects but doesn't connect or it takes awhile before it reconnects. using it on iOS.Thanks,

x by L1 Bithead
  • 3879 Views
  • 2 replies
  • 0 Likes

problema con equipos PAN-500 en modo Activo-Pasivo

Tenemos el siguiente problema, nosotros hicimos una migración a la versión 5.0.8 en ambos equipos y no tuvimos ningun inconveniente, el problema viene hoy cuando queremos hacer modificaciones al equipo y nos muestra un error en la interface 1/6 la cual se configuro en modo HA no se porque pero no tiene ningun cable conectado ni esta operacional,...

Is it possible and OK to disable user cert caching?

After revoking a cert being for GP, the device is still able to connect. I found that it is cached somehow. So is it possible and OK to disable the caching of user certs for authentication?> show system setting ssl-decrypt settingvsys : vsys1Forward Proxy Ready : yesInbound Proxy Ready : yesDisable...

zac_hg by L1 Bithead
  • 6202 Views
  • 4 replies
  • 0 Likes

Resolved! Contact a Sales Engineer

During last night's trouble call the technician mentioned something like 'you have access to a sales (or service) engineer, and we'll have him contact you. It's part of your contract.'Wonderful. Who is this person and how can I find him? Searched on the site but no obvious links titled 'contact your SE'.Thanks,~brian

bdunbar by L3 Networker
  • 4079 Views
  • 3 replies
  • 0 Likes
  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels