General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 271 Views
  • 0 replies
  • 1 Likes

Resolved! OSPF between PAN devices

Hi all,

I have the following scenario:

CPD 1: Internet ISP1 -- PAN1 -- ROUTER1

CPD 2: Internet ISP2 - PAN 2 -- ROUTER2

And a layer 2 connection between CPD1 and CPD2 (in different locations). Initially, there were only router1 and router2 (with their res

...

Resolved! is this possible for syslog

Hi,

We want all policies option log forward as syslog.Can we make this for all policies at one time or shoul we go to every policy option to select syslog. There are many policies.

Thanks.

panos by L6 Presenter
  • 3424 Views
  • 4 replies
  • 0 Likes

PA500 arp cache limit reached - any ideas?

Hi

I have 2 PA500 firewalls running in a active/passive HA setup, the firewalls are fully integrated into active directory using the Identification client for security polices all clients on the network are set to use our core switch as their default

...

IPSEC VPN Tunnel Problem

PAN PA2020 PAN OS 4.16

I have a point to point vpn setup from our company to another company that is hosting our financial application.

We have 10 different proxy IDs setup to limit subnet's that can access the vpn for example:

Almost everyday, all pro

...

almay by L2 Linker
  • 3136 Views
  • 2 replies
  • 0 Likes

How to "fix" vulnerabilities.

Hi,

I have a lot of vulnerabilities that keeps triggering in my firewall, but I'm not sure whats causing it or how to fix it. 

Most "attacks" are done by servers or clients on my own network...

- Microsoft Windows SMB Fragmentation RPC Request Attempt

...

johnd by L2 Linker
  • 2598 Views
  • 2 replies
  • 0 Likes

Resolved! SSL for GlobalProtect / Captive Portal

Hi All,

I'm attempting to install a wildcard certificate on the firewall for Global Protect and Captive Portal without much luck.

Basically I'm trying to use the existing wildcard certificate, the organization has. Steps I've taken:

1) Export the certif

...

BTS_MS by L2 Linker
  • 3817 Views
  • 2 replies
  • 0 Likes

VoIP over NAT issues: Ring but no audio; disconnects

I have our VoIP PBX set up with an IP on our external side via NAT. The policy is a simple static NAT from the internal IP to the external. I also have the correct security policies in place to allow SIP/RTP traffic to pass freely to and from the ext

...

Resolved! PA-2000 HA Timers

Currently if I hard power down my primary firewall it takes about 6 Seconds for the secondary to take over, a bit slow really.

Changed most of the HA timers to their minimum, just checking to see if there is any other configuration that can be changed

...

http forward to proxy

Hi,

I try to forward my WiFi mobile users http communications to my proxy.

WiFi mobile users and proxy are in two different VLAN plug on Palo Alto (default gateway of mobile users and proxy is Palo Alto Firewall).

Is it possible with Palo Alto?

The probl

...

mlop by Not applicable
  • 9272 Views
  • 13 replies
  • 0 Likes

Resolved! Using ISA for OWA

Hi All

I'm looking to replace our Fortigate 110c with a new PA-500 and I've managed to write the security and NAT policies which when tested seemed to work well apart from OWA.

We have an ISA 2006 server which publishes OWA and OMA on a public IP and h

...

TDC by L1 Bithead
  • 2653 Views
  • 3 replies
  • 0 Likes

Resolved! Session timeout

Hi All,

i want to ask about session timeout setting in palo alto.

if we create policy to allow traffic from trust to untrust with service http (custom http port 80)

1. what is default session timeout for http traffic?

from my testing it will hit web-brow

...

el by Not applicable
  • 3815 Views
  • 2 replies
  • 0 Likes

Palo Alto in Cisco network with VRF lite

BRosenba asked this question last year.  "We've recently purchased an HA pair of PA 5050s. We are planning to utilize the devices in cooperation with some Cisco core switching hardware and VRF lite to segment/secure internal traffic as well as traffi

...

oshcomp by Not applicable
  • 4731 Views
  • 1 replies
  • 1 Likes

Resolved! Control OWA

Hi

I want to stop our users from accessing company email from their home (non company supplied) PCs using OWA. I still want to allow access to our email systems through webmail/https

Can this be achieved by app filters (MAPI, Active sync) OR do I need

...

djrodb by L3 Networker
  • 4110 Views
  • 4 replies
  • 0 Likes
  • 23637 Posts
  • 107 Subscriptions
Top Liked Authors
Labels