General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 244 Views
  • 0 replies
  • 0 Likes

CLI cmd to show system log

I'm trying to use the CLI to get a list of SSLVPN logins, but keep getting either "sytnax error at end of input" or "syntax error at AND" errors. what i've attempted so far is variation on:

show log system subtype equal sslvpn object equal "Test SSL-V

...

u11756 by Not applicable
  • 18698 Views
  • 1 replies
  • 0 Likes

ThreatLog forwarding doesnt work

Hi All,

I have configured the PaloAlto to email me threatn  logs for medium , high and critical alerts, but it seems to email me only medium threat alerts, how do i fix this 

Please find attached my log forwarding profile.

My email profile is configure

...

Combining NAT rules?

Whil my NAT rules are working fine I get the feeling I am missing something with net rules.  I have an external ip which needs three ports forward to separate internal server:  port 7000 goes to port 3389 on 192.168.1.1, port 7001 goes to port 389 on

...

BobW by L4 Transporter
  • 1488 Views
  • 1 replies
  • 0 Likes

Asymmetric routing

Does anyone else have a multi-site network with asymmetric routing?  I'm having some issues getting from site to site.

Here's what's going on:

We have two datacenters -- one for the eastern US, the other for the western US.  Each datacenter has a PA-20

...

nwallette by Not applicable
  • 6914 Views
  • 5 replies
  • 0 Likes

PA500 Configuring a Static Routing Question?

Hello all.

I have a fairly easy deployment - a set of PA500s with internal trusted and external trusted zones. On the inside, they are currently connected to a router hsrp pair and on the outside pointing to another brand FW. I have only a handful of

...

dudesdad by Not applicable
  • 2413 Views
  • 2 replies
  • 0 Likes

Source NAT confusion

I am trying to provide for some 1-to-1 NAT on our PAN, which I thought we be an easy task.  However, my configuration insist on using the interface IP address for outbound connections.  Here is my setup.

Untrusted Network Interface IP: x.x.x.10/29

Trus

...

cdpadmin by Not applicable
  • 3279 Views
  • 5 replies
  • 0 Likes

PA-5020 4.1.5 issue

Hello,

Anyone else experienced any issues when upgrading to version 4.1.5?

We have done one upgrade to 4.1.5 and the PA-5020 just goes into a reboot cycle.

After doing the initial commit the firewall reboots and the cycle repeats.

Doing a factory reset f

...

How do I allow udp port 33001?

Hello All,

I have encountered an issue where a downloaded client installed on Internet Explorer called Aspera client for downloading video content experienced an error.It states to check the UDP port and firewall based on code 15.

Since this is applica

...

User-ID Agent AD Group Limitation?

All,

Digging around in the various docs I've found I can't seem to find an answer to this question so I'll ask here..

I'm curious if there is a limit on the number of AD groups per user that the Agent can handle? I'm worried we might run into some limi

...

steveo by L3 Networker
  • 3292 Views
  • 3 replies
  • 0 Likes

Vulnerability understanding

I'd like to figure out the meaning of a vulnerability alert

let say that I have an alert like:

Severity          Name                                                                                                                               ID      

...

Resolved! Comments when exiting GP client

When users disable/exit the Global protect client on their computers. They are forced to whrite a comment/reason.

Where are thoese comments logged? Can i read them somewhere?

//Karl

Captive Portal with Applications

Hi!

When not logged in with Captive Portal, it seems like all other Applications are allowed to pass through except http traffic.  Is it possible to setup Captive Portal so that it actually blocks ALL traffic before being authenticated with Captive Po

...

gebis_it by Not applicable
  • 2096 Views
  • 2 replies
  • 0 Likes

Problem with AD authentication - username change

Hi,

We had to change the username of one of our colleagues in the Active Directory. Now our appliance (PA-500 running 4.1.4) can see the changes but only in a strange way.

When I try to create a rule with this user and I try to list the users with [d

...

Captive portal

Hello

I am new to the administration of a PA 500. I would make a captive portalfor my users. The documentation of the manual I have no very clear. I do not look very complex, something functional and easy. I wonder if there is atutorial about it. The

...

  • 23627 Posts
  • 107 Subscriptions
Top Liked Authors
Labels