General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Threat Vector, a Unit 42 Podcast, is Now on LIVEcommunity!

We have some exciting community news to share: Threat Vector, a Unit 42 podcast, is now on LIVEcommunity!

 

Threat Vector is your compass in the world of cyberthreats. Listen to this biweekly podcast to learn about unique threat intelligence, cutting

...

jforsythe by Community Team Member
  • 238 Views
  • 0 replies
  • 0 Likes

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question. Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

JayGolf_0-1691518400714.jpeg
JayGolf by Community Team Member
  • 3551 Views
  • 2 replies
  • 14 Likes

Resolved! Unable to access PA-500 via GUI/SSH on v4.1.7

Greetings,

I have a pair of PA-500s running HA version 4.1.7.  The web interface (GUI) and SSH access to active device was lost for some unknown reason.  The only configuration change done was to set action for a security rule to deny which otherwise

...

Resolved! Captive Portal Session Timeout

You can set the Timeout value of captive portal. Default is 60 min. In my case it is 240 min.

But this is the max TTL. There is a default TTL of 900 sec(15min)

So when a logged on user does not create any traffic for 15 min then the user must logon aga

...

u2343 by Not applicable
  • 6097 Views
  • 6 replies
  • 0 Likes

Resolved! M-100 appliance

Hi there,

Who can tell me more about this appliance? By the look of things this is a server where you can run panorama, capture syslog file ect on. I would use it to run panorama on so do I still need to run the panorama on VMware?

Please provide as mu

...

DendreT by L1 Bithead
  • 2548 Views
  • 2 replies
  • 0 Likes

Resolved! Certificate import issues

I'm having terrible problems importing a trusted certificate into my PA.

I've followed the following guide - https://live.paloaltonetworks.com/docs/DOC-3502

I can create the key ok

I can create the CSR ok

I then submit the CSR to Thawte which then gets a

...

djrodb by L3 Networker
  • 9407 Views
  • 5 replies
  • 0 Likes

LDAP PROXY not working

Hello,

I have a problem with User ID agent configured in LDAP 'proxy' mode.

Normally, with this 'proxy' flag enabled in the user Agent configuration, the 'show user group list' command should return the list of AD group.

Unfortunately, this list is empt

...

licenselu by L4 Transporter
  • 1342 Views
  • 0 replies
  • 0 Likes

Resolved! PAN-OS 5

so the long-awaited v5 is now available.  What are the implications of upgrading to it?

  • is rollback to v4 straightforward (we're on 4.1.8 now)?
  • does it force you to use the new PAN web-filtering database, or can you continue to use Brightcloud?
  • Do we ne
...

UserID is not working for all applications

Hello,

I tried to make some policy rules for access to a specified group form LAN to DMZ. These rules work for applications like RDP en WEB. But when i try to do the same for applications msrpc or ms-ds-smb, then userid is not working.

Also when this p

...

RHN by L0 Member
  • 1470 Views
  • 0 replies
  • 0 Likes

Simultaneously connections with NetConnect

We recently replaced our 2 remote sites with PA-500 and PA-2050.  We still use NetConnect and currently we can't simultaneously connect to both sites.  Is there a way to make this happen?  We have to disconnect one site then make a connection to the

...

Auto-update not functioning

Currently whenever our palo alto 5050s do their dynamic updates they are not finding any new updates to antivirus, applications, or URL filtering. Updates are only found when I manually perform a check. I have all 3 set to download and install with a

...

cbolitho by L1 Bithead
  • 2443 Views
  • 2 replies
  • 0 Likes

Time based No-decrypt rule?

Hi All,

On my site we have a Decrypt-all rule in place (apart from some no-decrypt rules for specific business related sites).

The problem I have is that some users are having issues accessing sites like Easyjet and Ryanair's booking pages, this I am f

...

JRussell by L3 Networker
  • 2676 Views
  • 6 replies
  • 0 Likes

Policies - Security - Rule shadowed by 2nd rule

Much like an access list on a cisco router top to bottom. I recently created 2 rules for our 3rd party ISP to connect internet sticks via our firewall.

1st rule - Allow all traffic via TELUS internet sticks from Trust Vpn, Source (telus), Destination

...

Is it PAN 4.1.8 ready for production environment?


Hello

I find that in PAN 4.1.8 is new feature:

"User/Group-based Portal Configurations – The GlobalProtect Portal now supports multiple agent configurations on a per-user or user-group basis within one portal configuration."

I know that its fresh ... bu

...

_slv_ by L4 Transporter
  • 5099 Views
  • 13 replies
  • 0 Likes

Resolved! configuring NAT with TAGGED subinterfaces

In order to overcome the limited number of physical interfaces on the PA-200, I need to have one physical interface handle traffic for two different zones, A & B. These zones need to talk to each other and to other internal zones (with security polic

...

ewilen by Not applicable
  • 3467 Views
  • 5 replies
  • 0 Likes

Resolved! PA in VWire mode between trunked ports

Greetings,

Before, I get to the matter, I have browsed through the discussions and did find solutions.  But I am unable to understand a few concepts. 

I have a scenario where;

1. The present firewall is a virtual firewall hosted on an ESXi Server.

2. Li

...

  • 24169 Posts
  • 100 Subscriptions
Labels