General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question. Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

JayGolf_0-1691518400714.jpeg
JayGolf by Community Team Member
  • 2884 Views
  • 2 replies
  • 14 Likes

Resolved! Active/Active & IPSec Trouble

After implementing HA Active/Active, we left S2S VPN tunnels alone.  Ultimately no changes to IKE Gateways.  The S2S terminate to a /30 address that is statically routed from the ISP to ethernet1/12 on the active-primary.  Tunnel interfaces and their

...

dshue by L2 Linker
  • 5100 Views
  • 4 replies
  • 0 Likes

Resolved! Port Channel to Cisco Switch

Hi,

I have Palo Alto 3020/5020 firewalls and I would like to configure a port channel (ether channel) between these devices and a Cisco switch.

I have configured an aggregate link on the Palo and added the interfaces. I have created the Port Channel on

...

sjy2013 by L0 Member
  • 19284 Views
  • 5 replies
  • 0 Likes

enforce safe search

I created a rule for URL and tick the enforce safe search.  When it enabled, if I want to do the google search, I have to log in my account and pick lock safe search. Otherwise, it will block me.

I think it is hard to use in my case, which is a scho

...

Bin by L1 Bithead
  • 1379 Views
  • 1 replies
  • 0 Likes

enforce safe search

I created a rule for URL and tick the enforce safe search.  When it enabled, if I want to do the google search, I have to log in my account and pick lock safe search. Otherwise, it will block me.

I think it is hard to use in my case, which is a scho

...

Bin by L1 Bithead
  • 1572 Views
  • 1 replies
  • 0 Likes

Test PA-200 parrallel to current firewall

I received a PA-200 device for review and testing. I like to set it up besides my current firewall and see what it can filter.

Via SPAN Monitor on a Cisco switch I copy all traffic on the UNTRUST side to the PA-200. Now I get a lot of tcp-reject-non-s

...

MdeLoos by L0 Member
  • 2851 Views
  • 3 replies
  • 0 Likes

Ampersand in API request

Hi, colleagues!

I have a "Custom URL Category" and I try to add new URL from API request but if URL have ampersand(&) I have a error: <response status="error" code="18"><msg><line>Malformed Request</line></msg></response>

PanOS: 5.0.8

Original URL: exam

...

faust by L1 Bithead
  • 3569 Views
  • 6 replies
  • 0 Likes

Can I see the user-id syslog agent's log?

I am using agentless syslog integration for user ID and it's working but for every login event I am seeing twice as many log messages received as auth success log messages and I want to know why.  Is there a way to look at the logs received by the PA

...

djr by L4 Transporter
  • 1743 Views
  • 2 replies
  • 0 Likes

About HA1 connection down in system critical log.

Hi. all

I have a question about high availability with A-P mode.

We found out critical system log in active device for HA1 connection down but not occurred split-brain. (system log : type ha / severity critical / event connect-change / description HA G

...

URL Blocking

How can I add some sites to the list of blocked URLs that PA downloads into my PA-500? I know I can block them manually in my PA, but I feel that the PA tech support staff should know about these sites. I will give you and example that my students fo

...

Resolved! Active/Active Floating IP/Traffic Forwarding Problem

Hello All,

I have a support case open with PAN but I thought I would query others smarter than I.

  • 2 x PAN-2020
  • Recently enabled HA Active/Active
  • BGP on External/Currently ONLY Static Inside to Active-Primary device (0.0.0.0/0 -> Active Primary)
  • Session Ow
...

dshue by L2 Linker
  • 3881 Views
  • 1 replies
  • 0 Likes

Internet logs, backup and review

Pardon if this is a repost but I am new and could not find anything similar.

Right now our 3020 unit seems to only be getting 4 or 5 days worth of log information before it fills up.  We would like to have access for the last 30 days if possible.  Is

...

Whitelist rule - confusion on URL filtering...

We have a whitelist rule that allows out http/https as a service and "any" as the application.

All the URL categories in the profile applied to that rule are set to "Block" and there are some URLs in the whitelist.

The destination address is set to "an

...

  • 24016 Posts
  • 99 Subscriptions
Top Solution Authors