This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Resolved! Multiple bidirectional NATs with multiple public IPs

Hello,I have /26 public IP addresses (164.67.80.65 - 164.67.80.126). I bound ethernet 1/1 to 164.67.80.77/24. Then I created a bidirectional NAT connecting 164.67.80.77 to 192.168.1.77. Works great. Now I want to setup a second bidirectional NAT: 164.67.80.78 to 192.168.1.78Question:Can I do this without using just the one external interface...

cstech by L2 Linker
  • 5036 Views
  • 6 replies
  • 0 Likes

Resolved! Address objects: IP vs IP Netmask

Hello,I have an address I would like to represent as an "Address Object". The address is 164.67.80.78 and the netmask is 255.255.255.192. I created an "Address Object" with an "IP Netmask" of 164.67.80.78/26.I used this "Address Object" to set the interface address. Worked great. When I went to setup a bi-directional NAT policy, I needed to ...

cstech by L2 Linker
  • 6472 Views
  • 4 replies
  • 0 Likes

Slowness over VPN

I just modified a PA-200 in our remote office to use two internet connections and two VPN connections for fail-over. The tunnels are up and are passing traffic fine for me, however users in that office are complaining about slowness over the VPN. There is zero packet loss over the tunnel and connectivity to the internet is just fine, from what I...

Resolved! IKE phase 2 negotiation fail

Hi,I'm having a hard time bringing up a VPN tunnel from my PA-5020 to a Cisco firewall. I'm getting the following:'IKE phase-2 negotiation failed when processing proxy ID. cannot find matching phase-2 tunnel for received proxy ID. received local id: 10.13.247.43/32 type IPv4_address protocol 0 port 0, received remote id: 192.168.10.200/32 type ...

przyboro by L1 Bithead
  • 5861 Views
  • 3 replies
  • 0 Likes

Resolved! Application Dependency

HelloWe currently block access to Scribd for our employees. We now want to allow Scribd and I was looking through the Applipedia and noticed "scribd-base" but it also has dependencies of "web-browsing" and ssl". If I add those dependencies will they permit ALL web-browsing (tcp 80) and ssl (443) traffic? Or will it be just limited to scribd-base...

RyanA. by L0 Member
  • 5671 Views
  • 4 replies
  • 0 Likes

App dependencies - that's creazy!!

HelloToday I have to add MS Lync to be allowed from VPN. Sound simple.So I add to security rule ms-lync.but during commit I get warnings:ok, I added ms-lync-online but I get another warning:DO I really need to add every particular aplication by hands?We pay for support and expect easy to use PAN.Second problem is that I alredy have few security ...

_slv_ by L4 Transporter
  • 7862 Views
  • 12 replies
  • 1 Likes

Resolved! Use PA-500 ports as additional access ports (switch ports)

I was hoping to get some direction. I have deployed a PA500 in a small office using a standard L3 deployment (one trusted (LAN) and one untrusted (WAN) interface) and need a few switch-ports on the LAN side for access points. Is it possible to add additional interfaces to the trusted zone and use them as switch ports in the same subnet and vir...

Virtual wire for two different VLANs!

Hi,I wanted to apply a virtual wire between two sub-interfaces 1.10 and 2.20, which are basically in two different VLAN ID (10 and 20), but I'm getting an error saying that sub-interfaces cannot have interfaces with different VLAN (10/20).Is this the default behavior for virtual wire, or am I missing something?Thanks,-B

Besfort by L2 Linker
  • 9369 Views
  • 7 replies
  • 0 Likes

First official Cyvera thread

So has anyone heard anything more about Cyvera? The fact that PA bought out Cyvera is in the news now and was announced at Ignite, so I'm reasonably sure it's ok to talk about here.Anyone have any news on what's going on? What the integration with PA will look like? Betas? Etc etc

Url time report

Is there any way to generate a report that informs how long the users are getting on the Internet, and also what were the biggest downloads, starting from the custom report ?

Resolved! URL Category "any"

Hi,I'm configuring my new PA3020. It is my first experience with the device and so far things seem to be going well. Here is my setup:PA3020 positioned between current firewall and core switch in TAP mode.URL Filtering license installed.My question is:When I look at the traffic logs I see that ~90% of the entries have a URL Category of "any". Ev...

charger by L2 Linker
  • 7010 Views
  • 6 replies
  • 0 Likes

Resolved! Block internet access using Opera Mini

Hi Gents,I would like to configure palo Alto to block internet access via opera web browsers, as this browser can bypass my web-filter.my Palo Alto License is only for Antivirus, Anti-Spyware, and Anti Vulnerability. Regards,

  • 24381 Posts
  • 123 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks