This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

DNS Proxy Errors

We have a remote office using a PA-200 in the middle east. I configured it to use DNS proxy with caching to lower the time for resolution over the VPN tunnel back to our corporate DNS servers in the US. We also have intermittent disconnects due to the unreliable internet connection there and this seemed to help eliminate some of the complaints o...

CRL not downloading

Hi,I have just noticed that my PA-2050 has in it's system logs regular entries as follows:Failed to get CRL http://crl.godaddy.com/gds1-16.crlI also get similar entries for every different certificate server I can think of.Reason I ended up looking at this stuff was actually for a different certificate error.The other problem I get is when I log...

Strachf by L1 Bithead
  • 5284 Views
  • 4 replies
  • 0 Likes

Multisite vpn question

I am in the process of planning out a spoke/hub type PA vpn setup. I'm working with the networking team to carve me out enough addresses for each remote site. What I'm wondering is if each remote site can connect back to the main HQ PA (5000) so I wouldn't need to have a separate ip address for each remote site connection? Any help is appreci...

gmchenry by L1 Bithead
  • 2680 Views
  • 1 replies
  • 0 Likes

UserID problems

HI,we just migrated from 5.0.3 to 5.0.6. And we are having some problems with the mapping in UserID. For some users the UserID is working correctly but for others users is not working...I attached how this uses jloa log in, but i cant in the show useradmin@FW1(active)> show user ip-user-mapping all | match jloaI have refresh the cache for us...

Application Incomplete - Leading causes?

So im doing work on our DR site. Two diff setup scenarios are failing; NAT over a VPN and routing from one PA to another and out a VPN. I can see the rule letting the packets out so a session should start for the return trip but .. nothing.Both scenarios show Application incomplete; what are the leading causes of this? Incomplete handshake? So m...

choff123 by L3 Networker
  • 14235 Views
  • 13 replies
  • 0 Likes

Resolved! Strange output from Nmap

HiI have PA200 with 5.0.7 with latest updates and I try to nmap scan (from untrust zone) one of my servers from DMZ. Output is strange Nmap scan report for X.X.X.XHost is up (0.020s latency).Not shown: 965 filtered portsPORT STATE SERVICE21/tcp open ftp30/tcp open unknown80/tcp open http443/tcp open https548/tcp open afp66...

_slv_ by L4 Transporter
  • 13037 Views
  • 7 replies
  • 0 Likes

PA Cluster and Panorama Template

Heyi am trying to understand how to use Pannorama with PA clustermy view of panorama is: if you have pannorama you should never have to login to the PA itself for configuration.right now i have one PA cluster and one pannorama server (the PA have a customer configuration on it)i started playing and testing for what i will do so my steps where un...

minow by L4 Transporter
  • 2289 Views
  • 1 replies
  • 0 Likes

PA200 sizing

Hi all,would a PA200 fit in such scenario?lan users: 70-100wan connectivity: 10Mbps(so basically 2-zone traffic)Threat prevention: yes (inbound and outbound traffic)URL filtering: yes for all usersVPN tunneling: yes (remote access only for few users)Though being the smallest of its breed, according to data sheets this unit is fairly sized for th...

Active / Active Config sync

I am setting up a pair of 5020's in an Active / Active configuration.I am getting confused over the config sync feature and have been overwriting configs on each box.i.e I configured some aggregate interfaces on Box 1 and then I synced the config on Box 2 which overwrote the config and wiped them out.I am also in a situation now where the GUI sa...

rperkin by Not applicable
  • 3485 Views
  • 2 replies
  • 0 Likes
  • 24381 Posts
  • 123 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks