This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4116 Views
  • 0 replies
  • 0 Likes

Extended SSO Support for GlobalProtect Agents

Hi,GP 2.1.0 is now released with the extended SSO support: With Single Sign-On (SSO), the GlobalProtect agent wraps the user’s Windows login credentials to automatically authenticate and connect to the GlobalProtect portal and gateway. SSO has been enhanced in this release to so that when a third-party credential provider is being used to wrap t...

Hithead by L4 Transporter
  • 4354 Views
  • 5 replies
  • 0 Likes

Resolved! WAN interface connectivity loss logged anywhere?

Do the PaloAlto's have any functionality to monitor a wan link or tunnel and create a log entry if the link is down or there is significant packet loss? I am able to see these things through external monitoring tools but it would be nice to have a system log entry or something on the PANs as well.

bgirdner by L2 Linker
  • 7652 Views
  • 5 replies
  • 0 Likes

FTP Data - Handshake is not estabilished

Hello,we are struggling with this problem.There is a FTP Client and an FTP Server. Both on different sites. Between them is a VPN Tunnel build with PA 3020 and PA 5020.FTP is working - but sometimes not!!!!!We found the reason for this: This is what I can see at client's siteControlchannel (21) is UPClient asks "STOR myfile.txt"Datachannel Hands...

rkra by L2 Linker
  • 5587 Views
  • 4 replies
  • 0 Likes

Resolved! Legit Suspicious DNS Query?

Since 2013/12/26 I have been seeing a large number of Suspicious DNS Queries (generic: xml12es.farolatino.com), threatid 4011926. After researching the computers that are getting this, they all seem to be going to Microsoft sites prior to this query. From what I have read this seams to be coming from Microsoft Media Player. They use this site...

rgreens by L2 Linker
  • 10335 Views
  • 7 replies
  • 0 Likes

Set Up Data Port for external services

Hallo all,I am following the document PAN OS 6.0 Admin Guide. Since my management port does not have internet access, I have to setup a data port for external access and updates. So the mentioned document, in the section called "Set Up Network Access for External Services", it is suggested that I should configure 2 ports, one on internal zone sa...

Resolved! syntaxt issue with user enumeration

Hello I've an issue on the PANOS 6.0.3 about enumaration of user or group in a security policy I have to use the complete ldap syntax to found the user in the user source columnlike thisand when i tried to browse directly with the select menueI obtain thisloading but nothing appearanybody have this issue?

Gregoux by L4 Transporter
  • 7208 Views
  • 9 replies
  • 0 Likes

OT: SNMP Trap to SMS

HelloI have question not directly connected to PA but I think here are peoples who using such solution or are interested in I spend over a hour on googling for simple and free solution for recieving SNMP trap and sending alert by usb modem as a SMS but I didn't find anything interesting.I think that could be VM with Linux and snmptrapd and ie ...

_slv_ by L4 Transporter
  • 4716 Views
  • 6 replies
  • 0 Likes

Resolved! Looking for Documentation

Halloi am looking for the following documentation. I searched the knowledge base but could not find any document:1. IPSEC Configuration Guide with PAN OS 6.02. Configuring PA Firewall for Remote Access Management.Could anyone give me an exact link with documents addressing above issues? (I could not find the above things in admin guide)Thanks a ...

Configure Certificate Based Authentication for IKE: ISSUE Cert

Hi all,I config IPSec betwen two PA device: 1 PA5020 and 1 PAI config as guide: How to Configure Certificate Based Authentication for IKE on PAN-OS 6.0I generate CA on PA 5020 and import to PA 200But on PA 200 i can't sign new Cert with the imported CA certificate.I try generate all cert on PA 5020 ( root CA & signed CA) and import to PA 20...

dat.tran by L2 Linker
  • 7293 Views
  • 6 replies
  • 0 Likes

can we get the lost pre-shared key ?

Hi ,i have a palo alto firewall, i have been asked to put together the pre-shared keys for our VPN peers.i am not able to locate the key for some tunnels, is there any way i can recover the key from my config ?Regards,~Harry

Harshit by L3 Networker
  • 8714 Views
  • 2 replies
  • 0 Likes

Suspicious DNS Query

Hi All -Looking through my threat monitor and I am seeing a lot of Suspicious DNS Query entries in there. I have two internal DNS servers, and the entries are for both of them -- the drop-all-packets action is being taken, so it's good the PA is stopping them. If I had to take a guess, 90% of the entries in my entire threat monitor are the Sus...

Resolved! GP Error "Server certificate verification failed"

Dear communityAfter updating GP to version 2.1.0 I get the message "Server certificate verification failed" when trying to connect.The same connection with GP version 2.0.4 works fine. The reason for updating is OSX 10.10 Yosemite.I can't see any errors on the box or the client. Does anybody have an idea?Box is a PA-2050 running PanOS 5.0.12The ...

Resolved! Clear the threat pcap database

Hey all,Is there a way to clear the threat pcap database?We are running PanOS 5.0.x so the pcaps are not automatically overwritten, and we get the message saying our daily packet capture limit has been reached.We have turned off pcaps on the security profiles, so no new pcaps are being taken, but the database remains full...I know you can clear ...

mr.linus by L4 Transporter
  • 5857 Views
  • 3 replies
  • 0 Likes

Basic GlobalProtect Walkthrough

Hello,New customer here, currently working my way though configuring the various parts of the firewall...At the moment, I'm working on User VPN, and I'm finding it difficult to find clear step-by-step documentation. I did manage to make an SSL vpn connection earlier today, but the only traffic I see on the firewall is DNS and a few LDAP connecti...

  • 24334 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks