General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 447 Views
  • 0 replies
  • 2 Likes

HA Active/Active,..

Hi Team,..

Attached is the scenario for HA Active/Active,..Is it possible to configure IPSec and SSL VPN in this Scenario?

The  external interfaces of each PA firewall is directly connected to ISP  routers and have configured defferent public IP's on b

...

Gururaj by L4 Transporter
  • 2026 Views
  • 2 replies
  • 0 Likes

Management of the Palo

Hello

I have my Palo on a different IP range to my local network and wish to be able to connect to the palo to manage it from my local lan ip range. is this possible

my palo is on a 213.x.x.x which is the isp range

my lan is on a 10.x.x.x.x range.

Mark

Palo updates

Hi

I have just setup my Palo but it cant access any of the update servers, i have a security rule which is source trust zone des untrusted

my trusted zone is on a 10.x.x.x range

my un-trusted which connect to the isp router is a 213.x.x.x range,

Resolved! Why log partition is different between CLI and WEB-UI?

Hello guys.

I noticed that log partition was different of same PAN device.

CLI command that showed as below and log partition is max 125G.

ttongfly@PA-500-UQUEST> show system disk-space

Filesystem            Size  Used Avail Use% Mounted on

/dev/sda2    

...

ttongfly by L3 Networker
  • 3535 Views
  • 6 replies
  • 0 Likes

VPN setup 4.1.6

is there any documentation for setting up VPN on 4.1.6?

I took a look but couldn't find anything recent.

Thanks.

ryanjones by Not applicable
  • 2101 Views
  • 2 replies
  • 0 Likes

Running Captive Portal with no SSL/Certificate

Hello

I am running Captive portal successfully with HTML/POST based authentication. However as I only have a self signed certificate this generates a warning in the users browser.

There is no requirement to encrypt the username/password submit to the p

...

u13001 by Not applicable
  • 3104 Views
  • 4 replies
  • 0 Likes

App statistics very different between CLI and GUI

I ran the command 'show system statistics application' on the CLI of our PA-4020 at the Internet border and see these results....

Virtual System: vsys1
application                      sessions   packets      bytes
-------------------------------- -----

...

kmurphy6 by Not applicable
  • 2736 Views
  • 4 replies
  • 0 Likes

PAN 500 Locked Up Today

So, today, when basically nobody was on campus the PA-500 decided to lock up.  I could not connect to it at all and it was not passing traffic through.  Looking at the logs, it appears as though it locked up at 3:02 a.m. on Monday as there was no tra

...

HA Active/Active,..

Hi Team,..

Attached is the scenario for HA Active/Active,..Is it possible to configure IPSec and SSL VPN in this Scenario?

The external interfaces of each PA firewall is directly connected to ISP routers and have configured defferent public IP's on bot

...

Astik by L0 Member
  • 2696 Views
  • 2 replies
  • 0 Likes

Shared Gateway and VSYS

Hi,

I've a basic setup with TWO vsys with separate vrouters on each vsys (Maketing and Sales ) and a shared Gateway. Some vpn Tunnels terminating on my shared gateway.

I need to implement some static NAT rules for my VPN tunnels, so far so good.

Routing

...

slh by Not applicable
  • 2584 Views
  • 1 replies
  • 0 Likes

Resolved! PPPoA

Hi All,

hoping you can help with something I'm now too sure about.  I haven't found anything in help or knowledgepoint so far.  I've pre-configure a couple of PA-200's in PPPoE mode (ISP modems in bridge mode) to send to a remote site OS.  I've just h

...

Brightcloud tagging Yahoo sites as Phishing and Fraud

Greetings!

Today I received several helpdesk calls concerning yahoo! mail not working. Logs show that the 'yming.com' site that yahoo! uses is being flagged as a 'Phishing and Fraud' site.

I know I can report it (24-48 hour fix) and can manually unbloc

...

cloughr by L2 Linker
  • 4202 Views
  • 6 replies
  • 0 Likes

Allow download of file types that show as ZIP

Hello,

I have had a few instances where I've needed to allow certain files types through the data filter.  One annoying case was native Office 2007/2010 documents that end in x.  What I did was add it to my file blocking profile with the action of ALE

...

gsvarney by L1 Bithead
  • 6760 Views
  • 6 replies
  • 0 Likes

4.0.9 to 4.1.6 - Issues to be aware of?

Are there any known issues to be aware of if I wanted to go from 4.0.9 to 4.1.6?

We had an issue when we went from 4.0.9 to 4.0.11 where the dataplane on our PA-500 randomly rebooted several times and support's initial suggestion was to do a factory r

...

  • 23703 Posts
  • 110 Subscriptions
Top Solution Authors
Labels