This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4111 Views
  • 0 replies
  • 0 Likes

Resolved! Configuration of Palo Alto's in a NIST SP 800-70 Environment (mostly IPv6 blocking related)

Recently as part of our PA-3200 deployment been going through the joys of implementing NIST SP 800-70 configuration controls which in this case means the DoD STIG's (specifically Firewall and IDS STIG, v8 r17) and running into a problem which I noticed during my demo but didn't think much about it until now is a distinct lack of vulnerability ru...

PeterT by L2 Linker
  • 9504 Views
  • 9 replies
  • 0 Likes

Active tunnel

I have created site to site vpn tunnels from a palo alto 3020 to ASA 5505 firewalls. The show green and active through the CLI and the web console. But when I try to ping a server on the other side of the tunnel I get no reply, is the tunnel up? Is it really passing traffic?

infotech by L4 Transporter
  • 12601 Views
  • 28 replies
  • 0 Likes

NFS monitor interval on panorama

Hello,Anyone know the monitor interval of nfs on panorama? In my case, there is a cluster which include 2 nfs server, everytime when the nfs cluster faliover were happened, the panorama will restart itself to change logdb, I found that all the time of nfs cluster failver should take 50 to 90sec, it would be taken too long time to complete nfs fa...

Resolved! block interne

Hi friends,How to block internet on our DB servers.RegardsSatish

Satish by L4 Transporter
  • 3673 Views
  • 4 replies
  • 0 Likes

Are DMZs still necessary?

We are running a PA-500. Given it's abilities I am wondering if a DMZ is absolutely necessary. Note: I realize this is a wide open question, what servers are we using, what operating system, etc. I am curious in more of a "general" sense.There are obvious situations where a DMZ is a no brainer, hosting a site with SQL, money transactions, et...

BobW by L4 Transporter
  • 7494 Views
  • 5 replies
  • 0 Likes

Resolved! Problem setting up a U-Turn NAT rule

Hi all,While trying to setup LSVPN on our HQ Palo Alto device, we ran into a U-Turn NAT issue. Let me first explain the setup:We setup an OCSP responder using a loopback Interface on the PA firewall. The private IP address of that loopback interface is 10.99.99.1/32. The private IP is not being used outside the firewall. Instead, all "clients" i...

oschuler by L4 Transporter
  • 7946 Views
  • 7 replies
  • 0 Likes

Decryption rule blocking traffic silently

I am running PanOS 6.0.3. I have a decryption rule that perfectly works most of the time. However I realized that in some specific situation it silently blocks the traffic. As I am quite new on Palo Alto, I do not know if I am misunderstanding something or if I found a bug.Here follows the exact description:1) Global rule decryption all traffic ...

PPPoE in A/P configuration

Hi,Just checking this will work:users---[switch]---[a/p ha pa500's]---[switch]---ntuSo the service provider requires a PPPoE client to use the link. The SP only allows one port on the NTU to be used and only supports a single PPPoE session.Can the PA500's in A/P HA happily maintain this PPPoE session?Thanks.Richard

IKE 500

Here is some traffic being sent from my DMZ to the internet and I am trying to determine whats happening. How would the community read this informationSession 192980 c2s flow: source: 172.17.1.5 [DR-DMZ] dst: 199.169.208.244 proto: 17 sport: 500 ...

infotech by L4 Transporter
  • 16342 Views
  • 32 replies
  • 0 Likes

Resolved! Custom URL Block Page

Hello Techies,I am in process to implement custom URL block page in addition to default block page. In need to add below additional things in my custom URL block page1. my company logo : Looking assistance to achieve2. whenever there is block URL message it should show mail to list -- Achieved please find full HTML code as below3. But when we c...

Resolved! Issue Setting Up a Policy for Plex

Ok so we are testing a way to transcode some videos to distribute to remote users and Plex is working well internally. I am now trying to set this up so that we can use externally as well. Here is what I have done.1) Created the Object Address for the Plex Server2) Created a Security Policy to allow inbound access to the Application "plex"3)...

  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks