General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

JayGolf_0-1691518400714.jpeg
JayGolf by Community Team Member
  • 1972 Views
  • 1 replies
  • 11 Likes

Radius access for MGT conflict radius for user access.

Dear,

we use radius profiles for internal users towards a customer internal network policy server and so. The administration of the palo firewall is done via the MGT interface on a dedicted pvlan based administration network. We want to enable radius

...

gejack by L1 Bithead
  • 2198 Views
  • 1 replies
  • 0 Likes

Can I use DNS Proxy to Host External DNS?

Hello,

I'm going through my first ever configuration of a PAN-500, coming from the McAfee Secure Firewall (Sidewinder). Our current firewall authoritatively hosts our external DNS records pointing to our MX records, etc, and I wanted to know if it's p

...

Resolved! Support SSL/TLS Ciphers supported??

Hello Group

I am looking for the official list of supported and unsupported SSH/SSL ciphers on the Palo Alto Networks solution.

Maybe I am not necessarily looking in the right location.

Thank you.

scantwell by L4 Transporter
  • 3043 Views
  • 2 replies
  • 0 Likes

Resolved! Security Profile default actions

Once again I find myself searching for documentation, once again I am disappointed. There have been a couple posts over the years asking to see the magical "default actions" and the standard answer is "here's how, go look yourself"

This is an unaccept

...

dsinnott1 by Not applicable
  • 3788 Views
  • 5 replies
  • 0 Likes

Product sizing

hi

what is the best way to size an appliance to find which model fits the customer network, is there a tool or a technique for it ? ..

u3974 by Not applicable
  • 2556 Views
  • 3 replies
  • 0 Likes

Resolved! Interface "attack" counters

Hi,

With the command "show counter interface ethernet1/X" i see several counters related to different kinds of "attacks".

land attacks                         ping-of-death attacks                teardrop attacks                     ip spoof attacks   ...

torm by L4 Transporter
  • 2462 Views
  • 1 replies
  • 0 Likes

search traffic logs by vsys in CLI

Does anyone know how to specify your traffic logs by vsys and add multiple search parameters of the same type like you can in the gui? We are running PanOS 4.1.7. Notice that the app option does not show up anymore and and there is no vsys option.

PA-

...

Jinx by L1 Bithead
  • 2138 Views
  • 1 replies
  • 0 Likes

How do you allow Polycom (nat) via Palo Alto FW?

Hi,

I'm having issue with configuring NATing for my Polycom unit sitting behind the firewall to work.  I have allowed all the required apps for Polycom to allow outgoing and incoming.  My issue is when I can only call out to another party with public

...

akatev by L0 Member
  • 7467 Views
  • 15 replies
  • 0 Likes

Resolved! about certificate expired date

Hi All,

Is there any way to custom certificate expired date that generate by paloalto itself ?  I saw it on webpage that is too short, it only have six monthes.

Thanks.

Regards,

Joy

Resolved! SSL decryption - Forward UNtrust certificate presented

Hello,

We experienced a problem with a specific SSL encrypted site: https://panakeia.infoman.de/

The original certificate is issued to "*.infoman.de" and was issued by Go Daddy (--> InfomanCert_Original.png). It seems to be perfectly valid but still ou

...

oschuler by L4 Transporter
  • 7512 Views
  • 7 replies
  • 1 Likes