General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! DHCP max number of clients

Hello world,

My company is considering deploying a PA box to do some basic routing, NAT'ing, and other functions. One of those is dhcp. We'd like to use the PAN to serve up dhcp addresses for a number of VLAN's. What's the max number of clients that c

...

markjx by Not applicable
  • 2772 Views
  • 3 replies
  • 0 Likes

FAIL OVER SWITCHs

Hi guys ,

i want to explain my problem.

I have a 2 switches in fail over with link aggregate with 3 vlan`s. (LAN , SAN , Management)

I have one PA-500.

So

How can i configure my PAN interfaces , when 1 switch fail , the 2 switch get all flow and my fire

...

Thiago by L3 Networker
  • 3386 Views
  • 9 replies
  • 0 Likes

Resolved! Inconsistencies in Panorama?

Whether I am viewing the Security rules in Panorama or from the 2050, I noticed that the Security rules are listed on both the firewall and in Panorama.  However, this is not he same for the Policy Based Forwarding rules. The Policy Based Forwarding

...

Resolved! Commit Failed (4.0.4)

Hello,

Commit on our PA4050 Cluster running in Active-Passive mode on PANOS 4.0.4 is not working since today.

We get the following messages :

OperationCommitStatusCompletedResultFailedDetails 
  • device: config commit phase 1 aborted
  • Management server faile
...

Duplem by L2 Linker
  • 7754 Views
  • 8 replies
  • 1 Likes

SSL Decryption and Spoofing

If I enable SSL decryption and the PAN effectively works as a "man-in-the middle", the client recieves a cert error saying the certificate has not been generated by the destination server. No problem, as I can add the PAN cert as a trusted cert in my

...

Facebook-chat not blocking for specific account!!

hello !

I 'have seen on the same PC with the same windows user a strange problem:

when a user  is connected  on his facebook, I can see in the log facebook-chat DENY and the chat is blocked

when the same user is connected with an another facebook accoun

...

alle by L3 Networker
  • 3875 Views
  • 6 replies
  • 0 Likes

Resolved! Palo-Alto and Cisco WAAS

Hello,

We are migrating to a Palo-Alto 4020 cluster from our PIX firewall cluster. I have a question regarding Cisco WAAS and WCCP v2 traffic. The front end router redirects to a Cisco WAE via WCCP services 61 and 62. Both WCCP and the WAE mark the o

...

Dual ISP, PBF and DMZ

Hello.

I have a specific question about certain situation. There is a customer with 2 ISPs, let's call them ISP1 and ISP2. Customer has a single PA device to which both ISPs are connected. Each ISP provides a block of public IP addresses which are rou

...

santonic by L6 Presenter
  • 5571 Views
  • 11 replies
  • 0 Likes

Maximum number of UserID Agents for 4.1.x ?

Whats the maximum number of UserID agents that can be configured to talk to the firewall ?

ie. Will the firewall complain if we have 200+ userID agents configured to talk to it?

I know each agent can monitor a maximum of 100 domain controllers.. but ho

...

ucteam by Not applicable
  • 4579 Views
  • 10 replies
  • 0 Likes

static routes

Hi

I have 4 interfaces;

eth1/1 = sub1 -> 10.10.1.1/24

eth1/2 = sub2 -> 10.10.2/1/24

eth1/3 = mpls -> 10.10.3/1/24

eth1/8 = wan -> x.y.z.w

default router on all interfaces

but now I need to route all 0.0.0.0/0 traffic from sub1 over the MPLS (10.10.3.10) and

...

FlexyZ by L3 Networker
  • 3080 Views
  • 6 replies
  • 0 Likes

Application-based DoS capabilities?

I am seeing several atempts by the same IP address utilizing t.120 to connect via port 3389 to the various Windows Servers that I have with external IP addresses (and, yes, some are actual Terminal Servers).  I would love to be able to configure a th

...

mmartin by L1 Bithead
  • 2846 Views
  • 3 replies
  • 0 Likes

Resolved! Session Clearing

I have a PA-500 Firewall.  I am trying to test some policies, however, when I add and remove users from groups, the Palo Alto isn't picking this up fast enough.  Does anyone know the command line to clear out a session from the Palo Alto so it will r

...

kaysun by L1 Bithead
  • 2894 Views
  • 3 replies
  • 0 Likes

Resolved! Panorama Distributed Certs

Am I going mad, or can anyone else not actually use certificates imported in Panorama and then distributed to end devices?

Once I have pushed these to PA's I cannot seem to apply them to 'functions' via the GUI or the CLI.

Using the same certificate up

...

apackard by L4 Transporter
  • 2325 Views
  • 3 replies
  • 0 Likes
  • 24188 Posts
  • 101 Subscriptions
This widget could not be displayed.
Top Solution Authors
Top Liked Authors
Labels