General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

JayGolf_0-1691518400714.jpeg
JayGolf by Community Team Member
  • 1874 Views
  • 1 replies
  • 10 Likes

Resolved! Timer to refresh FQDN object entries

Hi,

In the "PAN-OS Command Line Interface Reference Guide Release 4.0", we found the following options which specify the refresh times for "FQDN object entries".

+ fqdn-forcerefresh-time — Seconds for Periodic Timer to force refresh FQDN object entrie

...

Hub by L0 Member
  • 4523 Views
  • 4 replies
  • 0 Likes

PA 5000 Series QoS performance.

Hi there.

I have a question regarding of QoS performance of PA 5000 Series.

As my know, PA-4000 Series performance is up to 2G when using QoS.

how is the performance about PA5000 series??

does it has  same performance with PA 4000 series??

is it also

...

willstech by L3 Networker
  • 2125 Views
  • 1 replies
  • 0 Likes

Resolved! VPN Authetication with client certificate

Hi, if I configure VPN authentication with client certificate, it will be necesary to enter password?.

I don't know if with client certificate you don't need user and password as I've seen in other scenarios. Reading documentation from Palo Alto seems

...

ssancho by L2 Linker
  • 2104 Views
  • 2 replies
  • 0 Likes

Panorama in HA

Hi there!

I would like to know if someone is using the Management Panorama in HA (Primary and Secondary). I was looking for information about, but i could not find anything.

Thanks in advance!

Angel.

Resolved! User-ID Agent XML config and debug

Have successfully installed the UserAgent 4.1.2-2 and it is merrily discovering user authentication events.  It is VERY keen to tell me all of this in the UaDebug.log file.


How do you reduce the verbosity - there's a "file" somewhere but it's not givi

...

PA 2020 Active/Passive HA

I am configuring Active/Passive PA 2020 firewall for clustering . I have configured all the parameters for HA including the links(HA1 and HA2). Also the firewall are connected and both the HA interfaces are showing up. I am making One PA Firewall as

...

itsecll by L1 Bithead
  • 3266 Views
  • 6 replies
  • 0 Likes

address-group limitation

Hi @all,

we’re using a PA-5020 active-passive Firewall-Cluster.

We recently noticed that the address-groups are limited to 500 items per group. As we have a list of nearly 1500 items (ip-address and network-addresses) to manage, I want to ask whether

...

Wirecard by Not applicable
  • 1803 Views
  • 2 replies
  • 0 Likes

No username in source-user column of PA-500

Hi All

I have upgraded to  PANOS 4.1.2 and user-id-agent 4.1.2-2 in my lab, however when i complete config, and can not select any domain\username in the source user column, but i can sure the connection is ok by command >show user user-id-agent stati

...

Resolved! User-ID agent 4.1.0 service logon account permissions.

User-ID agent 3.1.0 ran quite happily on our Domain Controller under a regular domain user account (no group membership apart from the default Domain Users, and I guess "Ran as service" was granted automatically during the installation).

The new versi

...

ST1985 by L1 Bithead
  • 7663 Views
  • 7 replies
  • 0 Likes

Anyone tried REVERSE PROXY on PAN

Hi,

I was just wondering if anyone was successful in implementing Reverse Proxy solution on the PAN.  As far as i know, Palo Alto does not do Reverse Proxy, but was even told that there was work around for it.  Anyone who has been successful in acheiv

...

Custom reports using different log archive

Hi all,

we are trying to create a custom report in which we want to include fields that belongs to, for exemple, the URL log database and wanted to add a field that is contained at the traffic log (bytes, for example).

Is it possible?

Best regards,

COMIP by L2 Linker
  • 2051 Views
  • 3 replies
  • 0 Likes

Captive Portal Persistence

Greetings,

A little background.  We have a wireless guest network at multiple facilities.  Currently we have Juniper wireless deployment and use their "SmartPass" product for guest authentication.  This gives us two things:

  1. Provides a splash page that
...

mrsold by Not applicable
  • 2122 Views
  • 2 replies
  • 0 Likes

Resolved! Packet Capture/Debug Flow based on an IPSec VPN

Hi

I am looking for a way doing a packet capture (or Debug Flow) with a filter based on a defined VPN Connection. The only thing I found, was a filter like "debug dataplane packet-diag set filter match ingress-interface tunnel" but with this I am not

...

User_333 by L2 Linker
  • 6560 Views
  • 4 replies
  • 0 Likes
Top Liked Authors