General Topics

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer!

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Hey Everyone!

The Fuel User Group is now part of LIVEcommunity! If you haven’t come across Fuel before, it’s a space where you can connect with fellow cybersecurity folk, share knowledge, and learn from each other. It’s completely free as well! Fue

...

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

Port Forwarding Without NAT

So, I have a very interesting network. I have a media server that is on a separate VLAN. There is no way for me to statically configure the client(s) with a static IP (they just search for the server). It uses tcp/32400. Basically, my host will s

...

Resolved! NAT exclude

Hi,

is it possible to make exceptions/exclusions for a NAT rule? Think of this scenario:

small PA-200 setup
only one external/public IP address
that IP address is used for a lot of incoming NAT
the NAT rule basically forwards everything from the external

...

Best practice for demo PAN in Tap mode

Hi,

I have to demo PAN in 3 Legs firewall compose Internet, DMZ and Internal zones. so I have some question regarding to this.

1. What mode on mirror I should config on the firewall, TX or RX or TX and RX ?

2. Should I configure virtual system for each

...

Report creating Question

Hi,

I'm quite new to PAN firewalls, and I find the ACC page to be very informative and can usually find all the info I need from there.

However, I've just had the IT manager request (and omg hes not a happy camper at me) a report of the usage of our in

...

Monitoring site-to-site IPsec tunnel bandwidth via SNMP?

Do the tunnel interfaces that get created as part of building a Site-to-Site IPSec tunnel show up via SNMP interface polling? That would be awesome if we could monitor tunnel bandwidth by walking the device and monitoring the ifInOctets and ifOutOcte

...

Resolved! User-ID Management Setting

In the device management settings there is now a "User-ID" checkbox. I have looked at the administrators guide but it doesn't mention it, presumably because it is fairly new.

What does this actually control, because the user-id agent on the box works

...

Global Protect Architecture

Guys ,

Need some guidance here . One of our client with an MPLS network wants to build a GP network . They are looking at buying a portal for a PA 5050 and have GP gateway licenses for each local box . The issue is the local boxes wre on different net

...

Resolved! Debug Flow Basic in PAN-OS 5.0.4 (PA 2050)

I have been having problems with running Debug Flow Basic since upgrading from PAN-OS version 4.1.6 to 5.0.4.

I am using the following commands to setup my debug:

debug dataplane packet-diag set log feature flow basic

debug dataplane packet-diag set cap

...

Resolved! I don't know how to set zone protection

Hi~

I have a question,,

We know that,,,

Paloalto appliance is not primary dos soultion

so one support some dos feature (TCP Flood, UDP Flood, ICMP 0 Packet someting like that etc,,)

I had poc from customer site

I set zone protection between Tap Zone and Ta

...

Resolved! DHCPv6 relay - "interface is not on"?

Hi.

I'm trying to configure DHCPv6 relay for a few interfaces. One of the interfaces works perfectly, but three others doesn't work at all.

On the interface where the relay is working I can see the traffic flow in the traffic log, but on the interfaces

...

Huge data transfers between remote DC and PAN Agent

Hi Team,

We have had issue with huge data transfers between PAN agent and remote DC's

We have observed lot of data activity between the PAN Agent and other Domain Controller servers on the WAN.

For instance, in the last one hour our Router accounting

...

Resolved! PA-200 doing PPPoE - gripes? concerns? it worked great?

Does anyone have any experience using a PA200 at a remote location, doing PPPoE over DSL? We're contemplating rolling out a PA200 at a remote site, and I was curious if anyone had any input.

Interface L2

Hi guys i have a doubt about L2 Interface!

Palo Alto check triple hand shake when interfaces are on L2 ?

Because i have some troubles with asymetric environment and i`m planning deploy on L2.

Regards!

REST API and HA

If I use the REST API to pass user ID mappings from my RADIUS servers into the firewalls, what should I do when they are in an HA pair?

Because I don't necessarily know which with be the active one, should I just write to one and if that fails, swap t

...

Resolved! How the global protect client is redirected to the best gateway?

Hello all

I'm looking for an explanation of the mecanism for redirection of globalprotect client to best gateway, it s base on the response time, if yes how it's work.

thank

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free