General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! Threat log columns

Hi Everyone,I see two columns in the threat log that are "receive time" and "generate time". Is anyone knows what differents of them?Thanks,Joy,

Resolved! Accessing multiple network zones over IPSEC VPN

I am trying to setup a IPSEC tunnel between two PA-2020's, one on each side. I have the tunnel connecting and can access devices over the tunnel. However I am trying to access multiple network zones over the tunnel, and I am not sure how to configure that. I've typed up my setup below.Site-A (main site) has a 192.x.x.x/16 and a 10.10.x.x/16 ne...

cmateam by L3 Networker
  • 5380 Views
  • 3 replies
  • 0 Likes

'Unknown Error' on Commit of Network and Device Configuration

I am currently trying to find a way round the issue where by a commit causes a drop in the BGP connections that are peered with the firewall.During the testing upgraded to 4.1 to use the gradual commit but if i try and install just the Network and Device configuration from the advanced option in the commit it get the attached error - not very de...

IPsec VPN Tunnel with overlapping subnets.

Hi,Has anyone setup two PAN FW point to point that connect with the same subnets on each side. The reason for the same subnets is that we have our production network behind FW-A and a co-location network that mirrors our production network behind FW-B. This is for disaster recovery and quick turn on of machines in the event of a disaster, etc....

cmateam by L3 Networker
  • 9022 Views
  • 5 replies
  • 0 Likes

rate-limiting qos policy

Hi,I'm interested in creating a simple qos policy, which will rate-limit streaming applications for all users, except a group of power users.I'm assuming that I would have to create two QOS rules (policies).First one will assign streaming traffic for power users (source user = power users). In this case I would probably omit class, so that the d...

bbivolaku by Not applicable
  • 7888 Views
  • 5 replies
  • 0 Likes

Resolved! Unusual Log entry

In the monitor tab, I'm seeing entries as sys1+[zone Name] in both the "from zone" and the "to zone" columns. What could this mean?

weasel by L0 Member
  • 3397 Views
  • 3 replies
  • 0 Likes

Resolved! SNMP to split between Panorama and traps server

I have a question regarding the SNMP server settings on a 5020.If I have specified to send SNMP to panorama and I also have a traps server listed for the same type (let's say 'informational') will the unit send to both Panorama AND the trap server?

Resolved! Ssl Exclude What for ?

I wonder when we need to use SSL Exclude option for certificate.When I try to write a decryption policy and try to test SSL exclude , I could not see any differences.I looked to pdf and it gives just that info below :SSL Exclude—This certificate excludes connections if they are encountered during SSL forward proxy decryption.Does anybody have an...

Resolved! MAC 10.8 using NetConnect issue?

Hi, I used browser to login SSL VPN portal in MAC 10.8 client. At first time,there is no any problem to connect, but second time,the NetConnect can not get any IP from PA. Just one time succesfully,I can not dial again. Do anyone have this issue? PA OS is 4.0.7

IPSEC WITH PBF

Hi guys ,I dont know what happens but when i use pbf on my isp`s , my ipsec vpn don`t traffic......what can be?best regards.

Thiago by L3 Networker
  • 2445 Views
  • 1 replies
  • 0 Likes

ELSTER and SSL decryption

In Germany one can use "ELSTER" to transmit tax reports electronically to the financial authorities. Elster is build in many ERP Systems and alike.Unfortunately the certificate used by the authorities is self signed and therefor not trusted by the PA and gets newley created by and signed by the "forward_untrust" CA in the PA rendering a communic...

u13550 by L3 Networker
  • 3635 Views
  • 1 replies
  • 1 Likes

Resolved! bi-direction NAT question

I have the following rule in the firewall and was wondering if I needed to create a second rule for the other direction or if the bi-directional option will take care of it for me.examplesource address :10.100.10.50 > destination address: FTPSERVERSGROUP > Source Translation: static-ip 209.165.241.88 bi-directional Basically if 10.100....

  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels