General Topics

Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 660 Views
  • 0 replies
  • 0 Likes

Test commnad on the nat policies

Hello,

I did an upgrade from a 500 model to a 3020 model. All the configurations work just fine. The problem that I see is that I cannot test the nat-policy rules. I have the following configuration:

..

snat-all-LANs {

        from inside;

        source

...

Resolved! NAT based on URL or FQDN

Hi, I want to make a NAT based on a URL or FQDN.

I only have one public IP but several URL that I want to NAT to different inside servers.

I have this working on a ISA and want to do the same in the PA.

I have a PA 500 with 5.0.8.

Protecting private clouds

We are in the process of testing the deployment of Internet-facing services into Azure, such that they are accessible from the public Internet via Azure but have a VPN connection back into our environment. Obviously in this scenario we must rely on M

...

KGC by L3 Networker
  • 3055 Views
  • 2 replies
  • 0 Likes

Google-calendar-base from iOS devices


Hi,

I applied an SSL decrypt profile and with no blocking configuration if decryption would fail. Now I notice that on iPad with IOS7.0.x the calendar from google is not working.

It appears in the traffic log as decrypted and the application is seen on

...

Resolved! Active Active unique address on DevID 0 and DevID 1

Hello- I am reading through the docs on ActiveActive HA and floating IP.  The diagrams show that for intf  A there is a10.1.1.253 address on the Active-Primary intf and a 10.1.1.252 on Active Secondary.

My question is, how do I configure the different

...

dbrenipc by L3 Networker
  • 2905 Views
  • 2 replies
  • 0 Likes

Palo Alto Software/Threat/AntiVirus Update Policy

Hi,

I am having an internet facing firewall which needs to be kept updated with the Threat/AV software.

I have configured the service route to use the correct interface for updates. However, it still cant check and download the required updates. As it

...

DCN by Not applicable
  • 3705 Views
  • 5 replies
  • 0 Likes

Resolved! How can I edit group entry or delete group using xml-api?

Hello.

It is possible to create group and add group entry using XML-API at User-ID. like below.

<uid-message>

<version>1.0</version>

<type>update</type>

<payload>

<groups>

<entry name="group1">

<members>

<entry name="domain\user1"/>

<entry name="domain\user2"/

...

namok77 by Not applicable
  • 3070 Views
  • 2 replies
  • 0 Likes

Management Interface outside of firewall

Knowing that one does not *usually* put a device management interface outside of the firewall, on the public Internet, in the case of PAN gateways is there any severe problem with this? I have a situation where putting the management of these devices

...

  • 23954 Posts
  • 113 Subscriptions
Top Liked Authors
Labels