General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! dhcp server stops

Hi,

Panos ver 4.1.13 Dhcp server on layer3 interface suddenly stops.Restarting device fixes that.

error comes as Failure: dhcp server is not enabled on interface 'ethernet1/3'.

Anyone see that error ? Any idea ?

panos by L6 Presenter
  • 1902 Views
  • 1 replies
  • 0 Likes

Resolved! Global Protect password expire

Hi,

When clients connect to Global Protect they got a warning password will expire and it says 1 day.

I looked to LDAP profile it is as default 7

What could this warning be ? How can we disable this ?

We also checked Active Directory for password expire

...

panos by L6 Presenter
  • 9708 Views
  • 11 replies
  • 0 Likes

Resolved! Guest Network Setup

Hi - What is the best method to setup a guest L3 network in PanOS?

UntrustA = Corporate

UntrustB= Guest Internet

wDMZ = Wireless DMZ for Guest Internet

trust = Corporate

Requirements =

1. wDMZ needs to get to a few specific IP's on UntrustA.

2. wDMZ needs t

...

PA-500 and Jumbo Frames

Background:

I've been doing some testing with a pair of A/A PA-500's and decided to enable jumbo frames on a file server. I understand that the PA-500 does not support jumbo frames but when I begin a file transfer, it works, running at about 5,017 Kb

...

GtY007 by L0 Member
  • 3110 Views
  • 3 replies
  • 0 Likes

Qualys Scan alert on OpenSSH J-Pake

We run Qualys scans on the internal network, and it's picking up that the PA's are running OpenSSH ver 5.2. I receive the following warning:

OpenSSH, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol. This

...

dru by L0 Member
  • 4008 Views
  • 6 replies
  • 0 Likes

Having to reset the dataplane frequently

Hello,

We've been having an issue in our environment where we need to reset the dataplane because randomly packets will traverse our rules and start getting denied. We aren't sure why this is happening or what's causing it. What I'd like to know is if

...

grkchr by Not applicable
  • 4125 Views
  • 5 replies
  • 0 Likes

SSL based custom application also seen as SSL

Hi,

I set up an SSL based custom application for a specific web application in the company.

I followed this document :

But when I look at the traffic logs, for every connection to this application I have :

- 1 log that shows traffic as "ssl" application

...

mattieub by L0 Member
  • 2221 Views
  • 2 replies
  • 0 Likes

Resolved! Global Protect and HIPS

We have setup Global protect and are able to connect to our network.

Once we add a HIPS profile all the traffic gets denied. The only setting in the HIPS profile is the OS is microsoft.

We are currently using Software version 5.0.6 and global protect 1

...

murphyj by L2 Linker
  • 5807 Views
  • 8 replies
  • 0 Likes

Resolved! Palo Alto cant filter users in a group

Hi,

I have a PA2050 v(4.0.11) and PAN-Agent for ldap users and groups. I have created a a group in my Active directotory and i configure a policy for this group but i try to check this policy with one user in this group and firewall dont let me passtr

...

Resolved! user-id agent commit issue

Hi team,

I have got issue when trying to commit our configuration on User-id agent.

User-id agent can not to connect AD without commit.

Who have an experience of this, please help.

BR

Ulugbekyu by Not applicable
  • 3613 Views
  • 4 replies
  • 0 Likes

Maximum latency between HA peers?

Whats the maximum latency allowed for HA peering links (e.g HA1 control and HA2 keep-alive) between devices setup in active/passive HA pair?

i.e based on the latency can determine the approximate distance that HA pairs can be physically separated.. 1K

...

CMG by L2 Linker
  • 4165 Views
  • 1 replies
  • 0 Likes

Site-to-Site vpn and NAT

Hello,

I have one vpn configuration question, I hope somebody can help...

I am configuring vpn site-to-site in my site PaloAlto, other site is not important in this case.

I am making source and destination NAT for the traffic that is used for vpn. The p

...

aaputis by L0 Member
  • 3553 Views
  • 3 replies
  • 0 Likes
  • 23595 Posts
  • 103 Subscriptions
Top Solution Authors
Top Liked Authors
Labels