This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4474 Views
  • 0 replies
  • 0 Likes

Resolved! Is there a way to limit the number of logged in administrators?

This came up as a question during a class and to my knowledge there is not a way to limit the number of logged in administrators, however the student asking presented a reasonable case; In a service provider or large enterprise environment during a network event multiple administrators log into the firewall and begin looking at filtered logs. ...

gelgin by L2 Linker
  • 3995 Views
  • 3 replies
  • 0 Likes

Resolved! Tips on configuring a secondary internet connection using Verizon Cradlepoint 4G router (ARC750B)

We are a small shop and have a single PA-200 with one internet connection. We would like to add a backup internet connection using a Cradlepoint 4G router. What is the best way to configure this and how do we control the fail over or manually changing to the 4G connection if the primary is down? The Cradlepoint seems to have built-in failover ca...

Resolved! Configuration of Palo Alto's in a NIST SP 800-70 Environment (mostly IPv6 blocking related)

Recently as part of our PA-3200 deployment been going through the joys of implementing NIST SP 800-70 configuration controls which in this case means the DoD STIG's (specifically Firewall and IDS STIG, v8 r17) and running into a problem which I noticed during my demo but didn't think much about it until now is a distinct lack of vulnerability ru...

PeterT by L2 Linker
  • 9769 Views
  • 9 replies
  • 0 Likes

Active tunnel

I have created site to site vpn tunnels from a palo alto 3020 to ASA 5505 firewalls. The show green and active through the CLI and the web console. But when I try to ping a server on the other side of the tunnel I get no reply, is the tunnel up? Is it really passing traffic?

infotech by L4 Transporter
  • 13195 Views
  • 28 replies
  • 0 Likes

NFS monitor interval on panorama

Hello,Anyone know the monitor interval of nfs on panorama? In my case, there is a cluster which include 2 nfs server, everytime when the nfs cluster faliover were happened, the panorama will restart itself to change logdb, I found that all the time of nfs cluster failver should take 50 to 90sec, it would be taken too long time to complete nfs fa...

Resolved! block interne

Hi friends,How to block internet on our DB servers.RegardsSatish

Satish by L4 Transporter
  • 3796 Views
  • 4 replies
  • 0 Likes

Are DMZs still necessary?

We are running a PA-500. Given it's abilities I am wondering if a DMZ is absolutely necessary. Note: I realize this is a wide open question, what servers are we using, what operating system, etc. I am curious in more of a "general" sense.There are obvious situations where a DMZ is a no brainer, hosting a site with SQL, money transactions, et...

BobW by L4 Transporter
  • 7727 Views
  • 5 replies
  • 0 Likes

Resolved! Problem setting up a U-Turn NAT rule

Hi all,While trying to setup LSVPN on our HQ Palo Alto device, we ran into a U-Turn NAT issue. Let me first explain the setup:We setup an OCSP responder using a loopback Interface on the PA firewall. The private IP address of that loopback interface is 10.99.99.1/32. The private IP is not being used outside the firewall. Instead, all "clients" i...

oschuler by L4 Transporter
  • 8176 Views
  • 7 replies
  • 0 Likes

Decryption rule blocking traffic silently

I am running PanOS 6.0.3. I have a decryption rule that perfectly works most of the time. However I realized that in some specific situation it silently blocks the traffic. As I am quite new on Palo Alto, I do not know if I am misunderstanding something or if I found a bug.Here follows the exact description:1) Global rule decryption all traffic ...

PPPoE in A/P configuration

Hi,Just checking this will work:users---[switch]---[a/p ha pa500's]---[switch]---ntuSo the service provider requires a PPPoE client to use the link. The SP only allows one port on the NTU to be used and only supports a single PPPoE session.Can the PA500's in A/P HA happily maintain this PPPoE session?Thanks.Richard

IKE 500

Here is some traffic being sent from my DMZ to the internet and I am trying to determine whats happening. How would the community read this informationSession 192980 c2s flow: source: 172.17.1.5 [DR-DMZ] dst: 199.169.208.244 proto: 17 sport: 500 ...

infotech by L4 Transporter
  • 17026 Views
  • 32 replies
  • 0 Likes

Resolved! Custom URL Block Page

Hello Techies,I am in process to implement custom URL block page in addition to default block page. In need to add below additional things in my custom URL block page1. my company logo : Looking assistance to achieve2. whenever there is block URL message it should show mail to list -- Achieved please find full HTML code as below3. But when we c...

  • 24379 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks