General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! AntiSpyware Response Page

Did the AntiSpyware Response page option go away in version 4.1.4?  Seems like I tested with it and saw an option for an AntiSpyware page in eariler versions of 4.x, but I'm not seeing it listed as an option on the firewalls or in Panorama in 4.1.4.

robertb by L0 Member
  • 1852 Views
  • 1 replies
  • 0 Likes

FAIL TO PARSE SECURITY POLICIE

Hi guys

I`m having a big problem


When i try to commit my security policies show this erro.

Details:
· Error: Failed to find address '10.2.69.100 '

· Error: Unknown address '10.2.69.100 '

· Error: Failed to parse security policy

· (Module: device)

· Commit f

...

Thiago by L3 Networker
  • 3327 Views
  • 1 replies
  • 0 Likes

Resolved! Layer 3 Interface Trunk Configuration

Hi,

I am a new Palo Alto firewall user, however I have been working with firewalls for some time.  I have a couple of quick questions;

1) Does the Palo Alto PAN-OS firewall have equivalent of the "shut"  or "no shut" command to turn an interface on or

...

dsulli99 by Not applicable
  • 7858 Views
  • 2 replies
  • 0 Likes

Adding multiple IPs to external interface

I am interested in adding all of the IPs from a range like x.y.z.40/28 to the external interface of the PAN.

The verbiage on the GUI makes it sound as if I need to add each IP individually.

Can I add a range as listed above by entering it as  x.y.z.40/

...

BobW by L4 Transporter
  • 3205 Views
  • 1 replies
  • 0 Likes

Resolved! URL logging without URL Filtering license

We are trying to log all URLs without having a URL Filtering license

For that we created a custom URL category containing

*.*

*.*.*

Seemed to work but when we compared the amount of log entries to the proxy logs we discovered that we only see less than h

...

AndreasB by L2 Linker
  • 2822 Views
  • 1 replies
  • 0 Likes

CLI cmd to show system log

I'm trying to use the CLI to get a list of SSLVPN logins, but keep getting either "sytnax error at end of input" or "syntax error at AND" errors. what i've attempted so far is variation on:

show log system subtype equal sslvpn object equal "Test SSL-V

...

u11756 by Not applicable
  • 17901 Views
  • 1 replies
  • 0 Likes

ThreatLog forwarding doesnt work

Hi All,

I have configured the PaloAlto to email me threatn  logs for medium , high and critical alerts, but it seems to email me only medium threat alerts, how do i fix this 

Please find attached my log forwarding profile.

My email profile is configure

...

Combining NAT rules?

Whil my NAT rules are working fine I get the feeling I am missing something with net rules.  I have an external ip which needs three ports forward to separate internal server:  port 7000 goes to port 3389 on 192.168.1.1, port 7001 goes to port 389 on

...

BobW by L4 Transporter
  • 1462 Views
  • 1 replies
  • 0 Likes

Asymmetric routing

Does anyone else have a multi-site network with asymmetric routing?  I'm having some issues getting from site to site.

Here's what's going on:

We have two datacenters -- one for the eastern US, the other for the western US.  Each datacenter has a PA-20

...

nwallette by Not applicable
  • 6753 Views
  • 5 replies
  • 0 Likes

PA500 Configuring a Static Routing Question?

Hello all.

I have a fairly easy deployment - a set of PA500s with internal trusted and external trusted zones. On the inside, they are currently connected to a router hsrp pair and on the outside pointing to another brand FW. I have only a handful of

...

dudesdad by Not applicable
  • 2373 Views
  • 2 replies
  • 0 Likes

Source NAT confusion

I am trying to provide for some 1-to-1 NAT on our PAN, which I thought we be an easy task.  However, my configuration insist on using the interface IP address for outbound connections.  Here is my setup.

Untrusted Network Interface IP: x.x.x.10/29

Trus

...

cdpadmin by Not applicable
  • 3225 Views
  • 5 replies
  • 0 Likes
  • 23576 Posts
  • 103 Subscriptions
Top Liked Authors
Labels