General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

ELSTER and SSL decryption

In Germany one can use "ELSTER" to transmit tax reports electronically to the financial authorities. Elster is build in many ERP Systems and alike.Unfortunately the certificate used by the authorities is self signed and therefor not trusted by the PA and gets newley created by and signed by the "forward_untrust" CA in the PA rendering a communic...

u13550 by L3 Networker
  • 3641 Views
  • 1 replies
  • 1 Likes

Resolved! bi-direction NAT question

I have the following rule in the firewall and was wondering if I needed to create a second rule for the other direction or if the bi-directional option will take care of it for me.examplesource address :10.100.10.50 > destination address: FTPSERVERSGROUP > Source Translation: static-ip 209.165.241.88 bi-directional Basically if 10.100....

URL rewriting

Hi all,I am in front of this issue and I don't know how to solve it, can anyone help me?I have to migrate the configuration of some checkpoint security rules to a Paloalto PA-500 (panos 4.0).On checkpoint there are some rules that make URL rewriting:EX (I try to translate the rules)some rules are configured to grant access to the website. So, wh...

s_dutto by Not applicable
  • 6593 Views
  • 4 replies
  • 1 Likes

Resolved! Rules not applying to AD groups

Hi,For some reason my Palo Alto 2020 has stopped recognizing rules that are applied to AD user groups. My 2 User ID agents are running on the Domain controllers and are showing green on my Palo Alto box.It works if I apply the rule to a specific AD user, so I know it is able to communicate with the ID agent otherwise it wouldn't register the use...

full mesh or hub and spoke VPNs running OSPF

Hi there,is anyone managing this with let's say 50 sites and multiple connections (Internet, MPLS). Currently we are using Juniper and the VPN manager inside the central management (NSM) does this job for us. The good thing is that when you have found a NSM release which is working and has no show stopping bugs it is running really well.How does...

hag by L1 Bithead
  • 5208 Views
  • 2 replies
  • 0 Likes

Resolved! backup local config to panorama?

Hi,We already have an PA appliance installed.We buy panorama 1 month later. Mainly because we want to keep logs long time like 2 years of logs.So we just want to manage Rules set of the PA with panorma, and get all the logs.First step i try to do is doing an export/import of the PA to panorama.There is clear exemple to do that?For now i only f...

Resolved! Trouble getting Gateway pushed to VPN-Client using Shrewsoft

Hello Community,i managed to establish an IPSEC-VPN connection to our PA500 (with PanOS 4.1.5) with ShrewSofts VPN-Client (v2.1.6) using Mutual PSK & X-Auth.But its no use because there ist no Gateway pushed to the client.Via 'route print' the connection has On-link as setting for the Gateway.Any help in troubleshooting this issue would be a...

univativ by L0 Member
  • 3466 Views
  • 1 replies
  • 0 Likes

Resolved! OID for Subinterfaces

I am looking for an OID to monitor subinterface details on a PAN-4050. I have several lists of supported OIDs that cover everything else that I need except for this. We are using Orion to monitor these appliances.

Resolved! Netflow profile

Hi all,I've a question about a netflow profile configuration at an interface.In the our situation I have a lot of subinterfaces. I can configure an profile to an physical but also an subinterface.When I configure the netflow profile to the physical interface will all subinterfaces automaticly monitored?If not i've a problem with my solarwinds ne...

ppater by Not applicable
  • 3517 Views
  • 2 replies
  • 0 Likes

Resolved! iOS VPN Support

Is there a VPN solution for iOS (iPad/iPhone) devices yet? Or a timeline? Not having a solution is starting to get . . . painful.

nlevay by Not applicable
  • 2679 Views
  • 1 replies
  • 0 Likes

Problem pushing a config from Panorama

Hey everyone -I'm getting an error when I'm trying to push a config out from Panorama. A little background:I used the conversion tool to convert an existing checkpoint firewall configuration, which worked fine, with a few minor things that didn't import (like ipsec not being allowed in the service objects, etc)Now, when I try to push/sync from...

jpalmer by Not applicable
  • 2061 Views
  • 1 replies
  • 0 Likes
  • 24396 Posts
  • 123 Subscriptions
Top Solution Authors
Labels