General Topics

Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 195 Views
  • 0 replies
  • 0 Likes

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 878 Views
  • 0 replies
  • 0 Likes

Captive Portal Persistence

Greetings,

A little background.  We have a wireless guest network at multiple facilities.  Currently we have Juniper wireless deployment and use their "SmartPass" product for guest authentication.  This gives us two things:

  1. Provides a splash page that
...

mrsold by Not applicable
  • 2744 Views
  • 2 replies
  • 0 Likes

Resolved! Packet Capture/Debug Flow based on an IPSec VPN

Hi

I am looking for a way doing a packet capture (or Debug Flow) with a filter based on a defined VPN Connection. The only thing I found, was a filter like "debug dataplane packet-diag set filter match ingress-interface tunnel" but with this I am not

...

User_333 by L2 Linker
  • 9811 Views
  • 4 replies
  • 0 Likes

Problem in RESTful API with predefined application

Hi,

Trying to retrieve list of predfined application with RESTfull api we recieve an error (Firefox):

ML Parsing Error: mismatched tag. Expected: </default>.Location: https://<server>/esp/restapi.esp?key=<key>&type=config&action=get&xpath=/config/prede

...

Resolved! LAN issue with PA200

Hi

gotta really wierd problem...

PA 200

configured for DHCP

eth1/2 Layer 3 IP address 10.130.8.25/24

default route via eth 1/2

eth1/2 connected to port on CISCO 2960S switch

PC connected to port on same CISCO 2960S switch

IP config IP Address. . . . . . . .

...

sue_town by Not applicable
  • 3272 Views
  • 3 replies
  • 0 Likes

VPN SSL with LDAP Group fail

Hi team, I have a problem with a OS 3.1.9.

If a try to configure VPN SSL with LDAP Groups, always I have the same error: Authentication failed: Invalid username or password.

If I change the configuration to LDAP users, athentication and connection are

...

ocampos by Not applicable
  • 1808 Views
  • 1 replies
  • 0 Likes

Resolved! DHCP Option 252 WPAD

Seeing since there is no support to push down client proxy settings via GP - does anyone know if we can set up a DHCP scope for SSL VPN clients that has/allows for option 252 WPAD support?

Thanks

Rod

djrodb by L3 Networker
  • 7167 Views
  • 8 replies
  • 0 Likes

Is there any way to monitor the state of a Virtual Wire?

We are testing vwire behavior with link state pass through enabled in our lab where it is working properly, but there is very little information to use as indicators of a transition.  Basically, all we can find in the log is the interface down messag

...

chrisp by L3 Networker
  • 3548 Views
  • 5 replies
  • 0 Likes

Global-protect clients not getting IPs

Hello,

One of ours client upgraded netconnect (4.0.8) to global-protect 1.1.2 (4.1.2).

In logs I can see that client is authenticated, but is not getting any IP. Communication is allowed so ipsec is not blocked. I've checked configuration at it seems

...

Still no way to set SPECIFIC threat exceptions???

I created this thread over a year ago...

https://live.paloaltonetworks.com/message/3636#3636

...is there still no more intuitive way to be more granular when it comes to creating threat exceptions? I'm still having the same problem I report at the bott

...

jambulo by L4 Transporter
  • 3049 Views
  • 4 replies
  • 0 Likes

Application bit-internal cannot be allowed.

How can I allow application bit-internal in my policy? This application is blocked by last rule (explicity block rule). I didn't see application bit-internal in my Object->application database and I can't use it in policy. We have PANOS 4.0.8 and app

...

darkfibre by Not applicable
  • 3972 Views
  • 5 replies
  • 0 Likes

Trouble setting up Globalprotect

Hello,
I'm tring for a week now to configure Global Protect. And have only been partially successful.

My config is PanOS 4.1.1 and GP client 1.1.2 on PA 2050 Boxes. No GlobalProtect Licence.

I encountered 2 Problems which I can't solve.

1.
I have configur

...

PA 5000 series users

Is anyone else running this new hardware platform besides my company?  We are running into a huge amount of issues and I would like to know if it's just us or not.

Creating Zones (Sub-Zones) on PA-500

Hello,

This question might sound very stupid, but never mind: 

I have a PA-500 configured which does a specific job which does layer 3 and that requires creating a lot of zones in-order to differentiate the traffic ( as per my understanding, zones are

...

  • 24011 Posts
  • 115 Subscriptions
Top Solution Authors
Top Liked Authors
Labels