This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

General Topics

Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 616 Views
  • 0 replies
  • 0 Likes

Resolved! What is HTTP OPTIONS Method

Hi,

In our ACC I can see that the status bar is 3.7, thanks to the vulnerability HTTP OPTIONS Method. The problem is that I have no idea what this is and how I can fix this.
How can I fix this problem?

ZEBIT by L3 Networker
  • 7772 Views
  • 3 replies
  • 1 Likes

Traffic from one zone to another

Hello.

We have two virtual wires called 'eduroam' and 'live'. There are two zones linked to eduroam, namely 'eduroam_tr' and 'eduroam_untr'. There are also two zones linked to 'live', called 'live_tr' and 'live_untr'. We would like to allow communica

...

shilpaal by L1 Bithead
  • 2267 Views
  • 3 replies
  • 0 Likes

There are drop counters when performance test

Hello,

I am doing performance test with Breaking Point about throughput , CPS.

While testing, I have found drop counters as below.

session_dup_pkt_drop                     701        3 drop      session   resource  Duplicate packet: Applies only for mul

...

Resolved! GlobalProtect Auth Problem after making new VSYS

When ever we make a new vsys our global protect authentication fails with user not in allow list. Has anyone else seen this problem.  We are going from one one system to 2 vsys's.  ( I don't know the correct wording)

Moving/importing logs after HD failure

Hi.

Recently, owing to an unplanned abrupt shutdown of my active firewall, I ended up with a hard drive corruption which prevented it from booting up (thank $deity for HA pairs).

Quite apart from PA's *ridiculously* bad response time to replace the har

...

darren_g by L4 Transporter
  • 4229 Views
  • 10 replies
  • 1 Likes

Layer 2 vs. Layer 3 Deployment

Hi!

At the moment, I hover between a Layer 2 and Layer 3 Deployment of my PA.

My setup is:

                                                            |     |     |    |

Internet <-> IPSEC-router <-> DMZ <-> internal firewall

                            

...

Dynamic Roles vs. Role-based Panorama

Hi everyone

So I was just wondering if anyone else has noticed a discrepancy between role-based and dynamic roles on their Panorama. I notice that "botnet" and "session browser" are not drop downs for my role-based admin role. That is fine since https

...

jprice2 by Not applicable
  • 2128 Views
  • 1 replies
  • 0 Likes

Cisco to PA Access List Migration

Hello,

I am in process of prepping a Palo Alto 5050 to replace a Cisco FWSM. I am doing most of the configuation on the PA by hand, but I was wondering if anyone knows how to best go about importing over 5000 Cisco access list lines into the Palo Alto

...

mwhitlow by L0 Member
  • 3301 Views
  • 7 replies
  • 0 Likes

A lot of traffic on port 443 (https) to ip 65.52.98.231

Hello,

I have a lot connections from my firewall to public IP addresses 65.52.98.231 port 443.

Our SIEM correlated events and generating the following offense:

    Event Name:    Excessive Firewall Accepts From Multiple Sources to a Single Destination

  

...

SOC_CSG by L4 Transporter
  • 5696 Views
  • 3 replies
  • 1 Likes

Resolved! DCHP GLOBALPROTCTECT

Hi there.

I wonder if it is possible to match an IP address with a MAC Address, this can be done in the normal DHCP in a public interface, but not if one GlobalProtect in DHCP can be made.

Axca by L0 Member
  • 3280 Views
  • 3 replies
  • 0 Likes

Resolved! SSL Offloading 'Forward Trust' grayed out

Hi,

I have created a certificate from my local CA and also have imported the CSR from PA to the local CA, created the

identity certificate, all is well, but it seems I am not able to "Check Box" the "Forward Trust Certificate" on the  PA.

This it seems

...

rz185016 by Not applicable
  • 6315 Views
  • 5 replies
  • 0 Likes

Resolved! Administrator Authentication with ldap

Trying to create role based user account for monitoring the firewall. I tried to use ldap authentication. However it seems there is some issue with using ldap

I am facing this error after trying to authentication with correct credentials and below are

...

Westcon2 by L3 Networker
  • 6572 Views
  • 15 replies
  • 0 Likes
  • 23940 Posts
  • 113 Subscriptions
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2025 - Palo Alto Networks