General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 425 Views
  • 0 replies
  • 2 Likes

Global Protect bugs/enhancements

I may be doing something wrong on my end, but I have a few things that could improve the product a bit.  I am using the latest version 1.2.3-6.

1) When using On-Demand basic mode I cannot click File > Connect.  The option is grayed out.  However I can

...

nthen by L3 Networker
  • 1825 Views
  • 1 replies
  • 0 Likes

Authentication after blocked page

Dear All,

If I have two groups of users, one with more restrictive access to the internet via URL Filtering than the other.

If the more restrictive group access the internet and receive a block page as their policies do not allow access to that resourc

...

JAG by L1 Bithead
  • 2414 Views
  • 3 replies
  • 0 Likes

SSL Decryption

Hi All, I have an issue with SSL decryption and using the inbuilt CA. What appears to happen is that various parts of SSL websites don't trust the CA on the palo alto and as a consequence sites do not load fully and report various certificate issues.

...

Resolved! Ubuntu and PA-200 DHCP

I'm having a problem with mostly Ubuntu users not being able to resolve DNS. I say mostly because there is at least one Windows user having the same problem. None of the Mac workstations are having the same problem and the majority of the Windows mac

...

Global Protect - How does patch matching work?

Can someone please detail how a HIP profile for missing patches works?  I have tried every combination possible and I always get the same result.

My Criteria is as follows:

Patching is Enabled Yes is Installed Checked

Severity - Greater than 2 (Which me

...

allens by Not applicable
  • 2375 Views
  • 1 replies
  • 0 Likes

Antivirus DB not showing up on inactive HA node

Hi,

I have a pair of PA-500 in an active/passive cluster. The Dashboard says that all content is matching between the nodes. However, if I go into Device->Dynamic Update on the secondary node, there is no Antivirus in there. I can only see it on the p

...

Resolved! Policy Based Forwarding - Enforce Symmetric Return

Hi,

I am planning a firewall migration right now and trying to solve the problem that traffic comes in through two different interfaces during the migration (Internet through old firewall, Internet through new firewall). I was looking at policy based

...

Port Forwarding Without NAT

So, I have a very interesting network.  I have a media server that is on a separate VLAN.  There is no way for me to statically configure the client(s) with a static IP (they just search for the server).  It uses tcp/32400.  Basically, my host will s

...

Resolved! NAT exclude

Hi,

is it possible to make exceptions/exclusions for a NAT rule? Think of this scenario:

  • small PA-200 setup
  • only one external/public IP address
  • that IP address is used for a lot of incoming NAT
  • the NAT rule basically forwards everything from the external
...

Best practice for demo PAN in Tap mode

Hi,

I have to demo PAN in 3 Legs firewall compose Internet, DMZ and Internal zones. so I have some question regarding to this.

1. What mode on mirror I should config on the firewall, TX or RX or TX and RX ?

2. Should I configure virtual system for each

...

Report creating Question

Hi,

I'm quite new to PAN firewalls, and I find the ACC page to be very informative and can usually find all the info I need from there.

However, I've just had the IT manager request (and omg hes not a happy camper at me) a report of the usage of our in

...

Resolved! User-ID Management Setting

In the device management settings there is now a "User-ID" checkbox.  I have looked at the administrators guide but it doesn't mention it, presumably because it is fairly new.

What does this actually control, because the user-id agent on the box works

...

djr by L4 Transporter
  • 3173 Views
  • 5 replies
  • 0 Likes

Global Protect Architecture

Guys ,

Need some guidance here . One of our client with an MPLS network wants to build a GP network . They are looking at buying a portal for a PA 5050 and have GP gateway licenses for each local box . The issue is the local boxes wre on different net

...

usvi by L3 Networker
  • 2324 Views
  • 3 replies
  • 0 Likes

Resolved! Debug Flow Basic in PAN-OS 5.0.4 (PA 2050)

I have been having problems with running Debug Flow Basic since upgrading from PAN-OS version 4.1.6 to 5.0.4.

I am using the following commands to setup my debug:

debug dataplane packet-diag set log feature flow basic

debug dataplane packet-diag set cap

...

debsPal0 by Not applicable
  • 3033 Views
  • 2 replies
  • 0 Likes
  • 23697 Posts
  • 110 Subscriptions
Top Solution Authors
Labels