General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 435 Views
  • 0 replies
  • 0 Likes

PAN GlobalProtect 2.0.3 doesn't work

So, I activated GlobalProtect 2.0.3 yesterday and have found that it fails to connect. The user will click "Connect" and the globe will spin for about 30 seconds then it closes itself and reopen on the taskbar(icon disappears and reappears). I am cur

...

jbo by L0 Member
  • 3167 Views
  • 4 replies
  • 0 Likes

HA-HA group mappings not passing to secondary PANOS 6.03

Hello,

I have group mappings present on the Primary Firewall, not passing to the secondary Firewall.  Specifically for a new gorup created today.  I have tried the various debug refresh commands on both boxes to attempt the get the seocndary box to pu

...

jbabcock by Not applicable
  • 2857 Views
  • 4 replies
  • 0 Likes

web crawling for google only

I know this topic has been discussed before but there is never a clear answer. It seems it is not possible to allow only specific web crawlers such as google. If that's the case, I assume most of you have web-crawling enabled for your site only? Goog

...

bino150 by Not applicable
  • 4177 Views
  • 2 replies
  • 0 Likes

vcom-tunnel

Hi!


  We have a problem on the equipment pa-5020.
when we look at the log traffic, the session ends with incomplete response
Then I looked in and saw the following wireshark log.
SYN      -              VCOM-tunnel Seq = 0 win = 8192 len = 0 mss = 14

...

NTCUser by L1 Bithead
  • 5858 Views
  • 7 replies
  • 0 Likes

Resolved! What is HTTP OPTIONS Method

Hi,

In our ACC I can see that the status bar is 3.7, thanks to the vulnerability HTTP OPTIONS Method. The problem is that I have no idea what this is and how I can fix this.
How can I fix this problem?

ZEBIT by L3 Networker
  • 8027 Views
  • 3 replies
  • 1 Likes

Traffic from one zone to another

Hello.

We have two virtual wires called 'eduroam' and 'live'. There are two zones linked to eduroam, namely 'eduroam_tr' and 'eduroam_untr'. There are also two zones linked to 'live', called 'live_tr' and 'live_untr'. We would like to allow communica

...

shilpaal by L1 Bithead
  • 2383 Views
  • 3 replies
  • 0 Likes

There are drop counters when performance test

Hello,

I am doing performance test with Breaking Point about throughput , CPS.

While testing, I have found drop counters as below.

session_dup_pkt_drop                     701        3 drop      session   resource  Duplicate packet: Applies only for mul

...

Resolved! GlobalProtect Auth Problem after making new VSYS

When ever we make a new vsys our global protect authentication fails with user not in allow list. Has anyone else seen this problem.  We are going from one one system to 2 vsys's.  ( I don't know the correct wording)

Moving/importing logs after HD failure

Hi.

Recently, owing to an unplanned abrupt shutdown of my active firewall, I ended up with a hard drive corruption which prevented it from booting up (thank $deity for HA pairs).

Quite apart from PA's *ridiculously* bad response time to replace the har

...

darren_g by L4 Transporter
  • 4462 Views
  • 10 replies
  • 1 Likes

Layer 2 vs. Layer 3 Deployment

Hi!

At the moment, I hover between a Layer 2 and Layer 3 Deployment of my PA.

My setup is:

                                                            |     |     |    |

Internet <-> IPSEC-router <-> DMZ <-> internal firewall

                            

...

Dynamic Roles vs. Role-based Panorama

Hi everyone

So I was just wondering if anyone else has noticed a discrepancy between role-based and dynamic roles on their Panorama. I notice that "botnet" and "session browser" are not drop downs for my role-based admin role. That is fine since https

...

jprice2 by Not applicable
  • 2220 Views
  • 1 replies
  • 0 Likes

Cisco to PA Access List Migration

Hello,

I am in process of prepping a Palo Alto 5050 to replace a Cisco FWSM. I am doing most of the configuation on the PA by hand, but I was wondering if anyone knows how to best go about importing over 5000 Cisco access list lines into the Palo Alto

...

mwhitlow by L0 Member
  • 3486 Views
  • 7 replies
  • 0 Likes
  • 24075 Posts
  • 116 Subscriptions
Top Liked Authors
Labels