General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 473 Views
  • 0 replies
  • 0 Likes

Beginner questions

Hi

i am a beginner in paloalto networks.

Can some one please help me to know the below doubts.

Cli "telnet command"  option is not seen in 5.0.0 version

How can we take config backup automatically scheduled

Admin accounts are synchronized in HA active -

...

IPsec Site to Site Tunnel Crypto

All,

First, please forgive me if this has been asked before, I wasn't able to find anything conclusive with any good explanation.

Recently I renewed a couple of web server certificates and in doing so the CA recommended that I use SHA2 with a 256-bit m

...

cmateam by L3 Networker
  • 4801 Views
  • 3 replies
  • 0 Likes

Resolved! Receiving "Internal error" on commit

Running 4.1.6 on 5050's with a Active/Passive HA.

I activated the PAN-DB filtering on my Active firewall and then rebooted it, it failed over to the passive firewall just like it should.  However, when my firewall came back up it came up as having HA

...

Brinkman by Not applicable
  • 9565 Views
  • 3 replies
  • 0 Likes

multiple VLANs on one security zone - possible?

Hi

I need your help with one (probably simple for You problem).

I have PA200 but I have only one "free" security zone and one phisical interfece free.

I need to create 4 local networks (as a subinterfaces/VLAN) that every one has their own adresses, dhc

...

_slv_ by L4 Transporter
  • 8866 Views
  • 19 replies
  • 0 Likes

Resolved! autocommit fail

Hi,

upgrading from 4.1.13 to 5.0.0 using upload option;

device boots and at %10 for autocommit it fails and again and again trying to autocommit and fails at %10

any idea ?

panos by L6 Presenter
  • 2792 Views
  • 1 replies
  • 0 Likes

Resolved! log export

Hi,

When exporting logs from Monitor / Traffic tab to excel file is there a way not to export all columns(fields) ?

panos by L6 Presenter
  • 1951 Views
  • 1 replies
  • 0 Likes

Resolved! dhcp server stops

Hi,

Panos ver 4.1.13 Dhcp server on layer3 interface suddenly stops.Restarting device fixes that.

error comes as Failure: dhcp server is not enabled on interface 'ethernet1/3'.

Anyone see that error ? Any idea ?

panos by L6 Presenter
  • 2202 Views
  • 1 replies
  • 0 Likes

Resolved! Global Protect password expire

Hi,

When clients connect to Global Protect they got a warning password will expire and it says 1 day.

I looked to LDAP profile it is as default 7

What could this warning be ? How can we disable this ?

We also checked Active Directory for password expire

...

panos by L6 Presenter
  • 10762 Views
  • 11 replies
  • 0 Likes

Resolved! Guest Network Setup

Hi - What is the best method to setup a guest L3 network in PanOS?

UntrustA = Corporate

UntrustB= Guest Internet

wDMZ = Wireless DMZ for Guest Internet

trust = Corporate

Requirements =

1. wDMZ needs to get to a few specific IP's on UntrustA.

2. wDMZ needs t

...

PA-500 and Jumbo Frames

Background:

I've been doing some testing with a pair of A/A PA-500's and decided to enable jumbo frames on a file server. I understand that the PA-500 does not support jumbo frames but when I begin a file transfer, it works, running at about 5,017 Kb

...

GtY007 by L0 Member
  • 3554 Views
  • 3 replies
  • 0 Likes

Qualys Scan alert on OpenSSH J-Pake

We run Qualys scans on the internal network, and it's picking up that the PA's are running OpenSSH ver 5.2. I receive the following warning:

OpenSSH, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol. This

...

dru by L0 Member
  • 4611 Views
  • 6 replies
  • 0 Likes

Having to reset the dataplane frequently

Hello,

We've been having an issue in our environment where we need to reset the dataplane because randomly packets will traverse our rules and start getting denied. We aren't sure why this is happening or what's causing it. What I'd like to know is if

...

grkchr by Not applicable
  • 4888 Views
  • 5 replies
  • 0 Likes

SSL based custom application also seen as SSL

Hi,

I set up an SSL based custom application for a specific web application in the company.

I followed this document :

But when I look at the traffic logs, for every connection to this application I have :

- 1 log that shows traffic as "ssl" application

...

mattieub by L0 Member
  • 2482 Views
  • 2 replies
  • 0 Likes
  • 24086 Posts
  • 116 Subscriptions
Labels