General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

URL re-write

Hi!Is there anyone who can tell us if there will or will not be url re-write in the future, and if there is a possibility to define approximate time/date?Greets.

Object address with Security rule stops VM from allocating IP

I have a Esxi Server with a particular VM machine on it. If I reboot that machine it does not give it the configured IP address that I have set it for. If I try go in and manually tell it to use the IP address it is assigned it tells me that this IP address is already in use.If I go and change the Object IP address in Palo Alto Firewall then it ...

JRussell by L3 Networker
  • 3161 Views
  • 4 replies
  • 0 Likes

Resolved! PA Ipsec 2/3 phase 2 coming up only

Hi there,I have a unique linux firewall box (that connects back to PA via Ipsec tunnels) on one of my sites. It is unique in the fact it requires 5 NIC's for the networks there. It only uses 3 phase 2 Ipsec tunnels which is the same on all my sites, but I have noticed some issues.Namely that some of the time only 2 out of 3 tunnels come up. Some...

JRussell by L3 Networker
  • 5595 Views
  • 5 replies
  • 0 Likes

Resolved! Vwire on MPLS link ?

Would vwire on an MPLS link be supported ?I guess that traffic will be passed, but will the firewall be able to see/inspect the real data ( and thus strip of the mpls headers ?)Bart.

bjocque by L1 Bithead
  • 4699 Views
  • 3 replies
  • 0 Likes

Multiple Panorama Problems

I have multiple issues with Panorama that may, or may not, be connected:-Getting 'No Update Information Available' when looking for the latest software packagesWhen it sometimes does work, when trying to download latest (6.0.1) image we get an authentication\integrity error on the package.Upgraded Panorama to v6.0.0 (from 5.0.11) to see if this ...

apackard by L4 Transporter
  • 4015 Views
  • 4 replies
  • 0 Likes

Updates - everything seems to resolve to San Jose?

I thought that updates.paloaltonetworks.com uses a CDN so if you're in Europe you use a local server for updates.From the UK it resolves to an IP in San Jose and this seems to be the case on any online lookup tool and traceroutes from various sources all go to San Jose.I'm asking because of the issues I'm having with downloading WildFire updates...

VPN Performance Problem

Just wanted to all let you know about a VPN performance issue we have with one of our customers.The customers is running an IPSec Site2Site Tunnel to a third party company (Cisco Device). They have a PA-5020 Cluster (5.0.12) and the Tunnel link is providing 1Gb/s throughput. Now all was working fine until the customer added a source NAT for the ...

gafrol by L4 Transporter
  • 4078 Views
  • 6 replies
  • 0 Likes

PA-FW Update getting Fail

Dear Experts,We have PA-FW getting fail during the Update. Firewall has three zones: Inside,Outside and DMZ.Management IP address of PA-FW is passing through Inside zone of the PA-FW. Management interface of the FW has the gateway on the core switch and core-switch has the default gateway of the Inside zone interface.In the traffic logs.. The co...

Custom App for local Proxy

Hi community.Is there an option to setup a custom app for a locally installed proxy. The idea is to distinguish if the local proxy or a proxy somewhere is used. App override is not a valid solution because of lose all the Content-ID features.Best regards, Markus

invalid configuration. Schema verification failed. profiles -> decryption unexpected here.

Hello,Out of the box PA-500 steps taken,1. down graded version to 4.1.10 successfully.2. under device -> setup -> management, i changed the management interface IP, and on commit I get the following error.commit failedinvalid configuration. Schema verification failed.profiles -> decryption unexpected hereDid some searching on support bu...

where is stats-dump refer to the following logdb-quota?

Hello~,I feel like that When do export stats-dump file, stats-dump doesn't refer to original traffic log.what do you all think about that?it depends on customer network size until traffic full.Traffic Logs have stored only for two days.Related logs more store logs than traffic log in ACC.

versioned configuration files locked

Hello,Since my partner finished commit of a PA-500, I have found the versioned configuration files locked on No.11, show as below. I have no idea about why it happened. This problem make this device stop to increase versioned configuration files after committed. How can I fix it ?PS: It's OK to delete all configuration if necessary.

  • 24400 Posts
  • 123 Subscriptions
Top Solution Authors
Labels