General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 1256 Views
  • 0 replies
  • 0 Likes

Resolved! IPSec-ESP No matching record

The last few weeks I have noticed a large amount of traffic on the Network Monitor coming from IPSec-ESP.  I moved several VPN tunnels off our old WatchGuard to our Palo Alto PA-3020 around the time this started.  When I click on the application itse

...

ClintL by L2 Linker
  • 9365 Views
  • 15 replies
  • 0 Likes

Encrypted Traffic over the Palo Alto

We have site to site VPN (both side PA) in our network, I want to send some encrypted traffic over the tunnel , How the palo alto will decide the encrypted traffic not to be scanned (threats) and filtering rule also not applied for the those traffic.

...

tiwara by L3 Networker
  • 4997 Views
  • 4 replies
  • 0 Likes

Fan RPM defaults for a 3020

I recently purchased a PA-3020 and just fired it up for the first time.  The first thing I have noticed is how loud this device is.  It is almost deafening and can be heard in the hallways behind a door in my server room.  Is this typical behavior? 

...

rayb by Not applicable
  • 3612 Views
  • 2 replies
  • 0 Likes

Dual ISP

My main PA is configured for dual ISP's and I am going to put third party certs for my global protect clients. Do I put two certs on? One for each ISP?

infotech by L4 Transporter
  • 6834 Views
  • 17 replies
  • 0 Likes

Resolved! Help With Custom Datafield or Vulnerability

I have a Snort rule for a specific network activity I wish to either block or alert on. I would like to translate this into a PAN. Would it be best to do a data field or a vulnerability?

alert tcp any any -> any any (content:"|6E|"; depth: 1; content:

...

SDorsey by L4 Transporter
  • 3065 Views
  • 5 replies
  • 0 Likes

Use VM-100 With Could Provider - MAC Issues

We are trying to set up a VM-100 as the entry point to a virtual data center. We have run into an issue with the MAC addresses on the VM device not matching the MAC addresses on the Palo interfaces. We appear to be stuck at this point. Apparently it

...

khansen by Not applicable
  • 3481 Views
  • 4 replies
  • 0 Likes

API test url category

I want to use the API to query URL (Brightcloud) categorisation.  This is the command in the CLI:

pan1(active)> test url theguardian.com

theguardian.com news-and-media (Base db)


running the same check via the API browser:

https://x.x.x.x/api/?REST_API_TO

...

Resolved! Public IPv6 DHCP Support

Since many ISPs are adding support for IPv6, I wanted to know if PAN firewalls support receiving an IPv6 via DHCP from the ISP? When I go to IPv6 on the interface, I don't see a DHCP or PPPoE option. It appears one can only set a static address ?

SDorsey by L4 Transporter
  • 3620 Views
  • 2 replies
  • 0 Likes

User IP-user-mapping incorrect

(PA3000 series FW running 6.0.2) Getting users being blocked by the captive portal from a local service account running on their machine.. only way around it is to disable the service and/or account and then flush the user to ip mapping cache.  Any w

...

rrau by L3 Networker
  • 6606 Views
  • 14 replies
  • 0 Likes

Resolved! Weighted dynamic routing on edge - possible?

Folks.

Current company is looking to expand to another site (yay for me - I get to upgrade my 2020's to 3020's at the head office!), however I'm in a bit of a quandary on getting the new site working.

The new site is going to have two internet links fo

...

darren_g by L4 Transporter
  • 2969 Views
  • 5 replies
  • 0 Likes
  • 24176 Posts
  • 117 Subscriptions
Top Solution Authors
Top Liked Authors
Labels