General Topics

Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 668 Views
  • 0 replies
  • 0 Likes
Community Expert Verified
Community Expert Verified

Resolved! reverse proxy key doesn't match certificate

We deployed our PA last month, generated an SSL certificate (forward trust, forward untrust, and trusted root CA), and created SSL decryption rules.  Since the creation of the rules we are getting weekly medium system alerts (8 of them) stating "reve

...

sconley by Not applicable
  • 6333 Views
  • 1 replies
  • 0 Likes

ISP Failover and Global Protect (Routing Issues)

Hello All,

I have a pretty simple setup here - single PA-2020 with dual ISP's (One Virtual Router).  We're also using Global Protect (SSL VPN only) currently.  I seem to have an issue that I cannot sort out.

ISP failover works great through the use of

...

Pan Agent Clear clear user-cache all issue

Hello,

I've an issue with a cluster of PA500 running PANOS 4.1.7.

I'm using User Agent (release 4.1.5-1 installed on two 2008R2 servers) to authenticate users.

When I clear the user cache (with the command 'clear user-cache all') on the firewall, the ca

...

licenselu by L4 Transporter
  • 2691 Views
  • 1 replies
  • 0 Likes

Resolved! Security Policy to block Dropbox

I have created a security policy to block Dropbox traffic, but so far it is not working. In my policy I have chosen:

Source:     Destination Zone:     User:                    Destination Address:                                        Application:   

...

Resolved! Radius PSK limitation

Hello,

Can somebody from paloalto give the limitation of the shared secret word size and characters that we can use in the RADIUS Server profile ?

(I had some trouble to use complex secret with 64 characters with Windows 2K8R2 NPS))

u5128 by Not applicable
  • 3536 Views
  • 2 replies
  • 0 Likes

Resolved! Multicast stream from one VR to another.

Hi,

We have a IPTV multicast stream coming in on one of our virtual routers, and its working very well for all networks in this VR.

However, when we try to "route" this multicast stream to another VR on the same box, we can't make it work.

We have basic

...

johnd by L2 Linker
  • 2590 Views
  • 2 replies
  • 0 Likes

VPN SSL & Linux

Hello,

Here are some questions about VPN SSL Linux support :

- When do you plan to provide a Linux SSL client ?

- It would be great to not need the root privilege to be able to download and/or upgrade the VPN client.

Thanks :smileycool:

bdaussin by L0 Member
  • 11970 Views
  • 29 replies
  • 0 Likes

Committing Firewall changes

Does committing firewall changes bring the firewall down or will it remain functional while updating the configuration. I basically want to know if I can commit a NAT policy change without bringing down my tunnels

Bagar390 by Not applicable
  • 3331 Views
  • 3 replies
  • 0 Likes

Resolved! User identification

Hi,

I´m trying to configure the User Identification based on LDAP to Win2K8 Domain Server.

Apparently everything is fine - I can connect to AD Server and see the directory in User Identification -> Group Mapping Settings -> Group Map Profile

My problem

...

rrunge by Not applicable
  • 4143 Views
  • 1 replies
  • 0 Likes

Resolved! Wildcard/UCC SSL Certificates

Are there any issue(s) when using one of these for the reverse proxy (i.e. DMZ websites that use SSL) on the PAN please?

Specifically thinking of using Digicert.

Resolved! Threat log columns

Hi Everyone,

I see two columns in the threat log that are "receive time" and "generate time". Is anyone knows what differents of them?

Thanks,

Joy,

Resolved! Accessing multiple network zones over IPSEC VPN

I am trying to setup a IPSEC tunnel between two PA-2020's, one on each side.  I have the tunnel connecting and can access devices over the tunnel. However I am trying to access multiple network zones over the tunnel, and I am not sure how to configur

...

cmateam by L3 Networker
  • 4383 Views
  • 3 replies
  • 0 Likes

IPsec VPN Tunnel with overlapping subnets.

Hi,

Has anyone setup two PAN FW point to point that connect with the same subnets on each side.  The reason for the same subnets is that we have our production network behind FW-A and a co-location network that mirrors our production network behind FW

...

cmateam by L3 Networker
  • 6711 Views
  • 5 replies
  • 0 Likes
  • 23958 Posts
  • 113 Subscriptions
Top Solution Authors
Top Liked Authors
Labels