General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 312 Views
  • 0 replies
  • 0 Likes

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 985 Views
  • 0 replies
  • 0 Likes

Resolved! Panorama & HA Pair questions

I'm just getting started with  Pair of 5000's in Active/Passive and plan to manage them via Panorama. Should I be pushing policy to the 'primary' PA firewall or create a device group and push the policy to both?

Second question: We plan on bringing u

...

Jinx by L1 Bithead
  • 2622 Views
  • 2 replies
  • 0 Likes

DNS Proxy question

Hi All,

I'm working to configure the PAN (4.1.2) DNS proxy, hopefully to replace the legacy slave dns server.

But the adminsitrative guide is good enough to understand to configure it.

I'm having hard time getting it to work as desire.

Would I able to fo

...

ateo by Not applicable
  • 3069 Views
  • 2 replies
  • 0 Likes

Resolved! Timer to refresh FQDN object entries

Hi,

In the "PAN-OS Command Line Interface Reference Guide Release 4.0", we found the following options which specify the refresh times for "FQDN object entries".

+ fqdn-forcerefresh-time — Seconds for Periodic Timer to force refresh FQDN object entrie

...

Hub by L0 Member
  • 5578 Views
  • 4 replies
  • 0 Likes

PA 5000 Series QoS performance.

Hi there.

I have a question regarding of QoS performance of PA 5000 Series.

As my know, PA-4000 Series performance is up to 2G when using QoS.

how is the performance about PA5000 series??

does it has  same performance with PA 4000 series??

is it also

...

willstech by L3 Networker
  • 2597 Views
  • 1 replies
  • 0 Likes

Resolved! VPN Authetication with client certificate

Hi, if I configure VPN authentication with client certificate, it will be necesary to enter password?.

I don't know if with client certificate you don't need user and password as I've seen in other scenarios. Reading documentation from Palo Alto seems

...

ssancho by L2 Linker
  • 2666 Views
  • 2 replies
  • 0 Likes

Panorama in HA

Hi there!

I would like to know if someone is using the Management Panorama in HA (Primary and Secondary). I was looking for information about, but i could not find anything.

Thanks in advance!

Angel.

Resolved! User-ID Agent XML config and debug

Have successfully installed the UserAgent 4.1.2-2 and it is merrily discovering user authentication events.  It is VERY keen to tell me all of this in the UaDebug.log file.


How do you reduce the verbosity - there's a "file" somewhere but it's not givi

...

PA 2020 Active/Passive HA

I am configuring Active/Passive PA 2020 firewall for clustering . I have configured all the parameters for HA including the links(HA1 and HA2). Also the firewall are connected and both the HA interfaces are showing up. I am making One PA Firewall as

...

itsecll by L1 Bithead
  • 4316 Views
  • 6 replies
  • 0 Likes

address-group limitation

Hi @all,

we’re using a PA-5020 active-passive Firewall-Cluster.

We recently noticed that the address-groups are limited to 500 items per group. As we have a list of nearly 1500 items (ip-address and network-addresses) to manage, I want to ask whether

...

Wirecard by Not applicable
  • 2485 Views
  • 2 replies
  • 0 Likes

No username in source-user column of PA-500

Hi All

I have upgraded to  PANOS 4.1.2 and user-id-agent 4.1.2-2 in my lab, however when i complete config, and can not select any domain\username in the source user column, but i can sure the connection is ok by command >show user user-id-agent stati

...

Third party RADIUS + OTP + Captive Portal

Hi all,

We are implementing a Nordic-Edge Server that provides radius and otp services. Once you have enter the user/password credentials in VPN-SSL portal , you get another screen which prompts you for the OTP that is sent by SMS.

The auth is OK , but

...

Resolved! User-ID agent 4.1.0 service logon account permissions.

User-ID agent 3.1.0 ran quite happily on our Domain Controller under a regular domain user account (no group membership apart from the default Domain Users, and I guess "Ran as service" was granted automatically during the installation).

The new versi

...

ST1985 by L1 Bithead
  • 8961 Views
  • 7 replies
  • 0 Likes

Anyone tried REVERSE PROXY on PAN

Hi,

I was just wondering if anyone was successful in implementing Reverse Proxy solution on the PAN.  As far as i know, Palo Alto does not do Reverse Proxy, but was even told that there was work around for it.  Anyone who has been successful in acheiv

...

Custom reports using different log archive

Hi all,

we are trying to create a custom report in which we want to include fields that belongs to, for exemple, the URL log database and wanted to add a field that is contained at the traffic log (bytes, for example).

Is it possible?

Best regards,

COMIP by L2 Linker
  • 2654 Views
  • 3 replies
  • 0 Likes
  • 24040 Posts
  • 115 Subscriptions
Top Liked Authors
Labels