General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

emails stop working

hi all, i recently replace my palo alto 820 with new model 440, all is working fine however my emails from inside to outside stop working. my emails are on seperate zone on the dmz and i have barracuda. there is a nat policy. however when i set back the old one everything works properly. Does anyone have an idea about what is causing the issue

Resolved! fixing GP bug in newest 10.1.x versions

Hi, PA users Do you have any rumors about fixing this bug in the latest versions of 10.1.x. firmware? Note: GlobalProtect tunnel might disconnect shortly after being established when SSL is used as a transport protocol. Workaround: Disable Internet Protocol Version 6 (TCP/IPv6) on the PANGP Virtual Network Adapter. I have several hundred s...

Resolved! Minemeld Webui not coming up

Hello, 1st post here. Currently running Minemeld on Ubuntu 16.04 LTS I did see this link and tried what was suggested but no dice: Solved: LIVEcommunity - Re: Minemeld install errors on ubuntu server 16.04 LTS (amd64 bit) - LIVEcommunity - 253599 (paloaltonetworks.com) Minemeld-auto-update log shows the following errors and the webui is no...

kenrinc by L0 Member
  • 2399 Views
  • 3 replies
  • 0 Likes

PAN-PRISMA-ACCESS-PRIV-APPS-SC-QTY

Hello can someone explain what changed on SKU: PAN-PRISMA-ACCESS-PRIV-APPS-SC-QTY.A customer had previously that license with a qty. of 600 and the cost was per unit/user... now the price increased exponentially.

Resolved! Multiple tunnel to single destination over multiple WAN connections.

Hi, I am new to Palo Alto and require some help with design and configuration. Site A Palo Alto -- ISP A - P2P link ISP B - P2P link ISP C - MPLS link Azure Gateway I have to configure the tunnel from each of the ISP to the Azure and make sure each tunnel take precedence as it listed. What I understand, I can do the static ro...

gondolf by L1 Bithead
  • 1985 Views
  • 1 replies
  • 0 Likes

GlobalProtect MFA Radius 30sec Timeout

Hello, I want to setup MFA (radius) on palo alto for both the vpn and the admin page. For the admin page i have no problem. However for globalprotect i have a timeout problem. My configuration is : - radius timeout : 120 sec - globalprotect timeout: 120 sec - portal auth profile = ldap - gateway auth profile = radius The problem is that wh...

zakergfx by L1 Bithead
  • 1564 Views
  • 1 replies
  • 0 Likes

Resolved! FIPS-CC mode default user/password issue

We recently tried switching to FIPS-CC mode but the factory default user/password didn't work. The Admin guide showed the default user/password to be admin/admin even in FIPS-CC mode. We also found a Palo Alto documentation that for FIPS-CC it should be admin/paloalto but that didn't work as well. There was a mention of using the serial number a...

B.Vance by L1 Bithead
  • 11769 Views
  • 4 replies
  • 0 Likes

VM-300 GP capacity

Hi Team, Total how many users can login at a time through global protect vpn on the VM-300 Palo Alto firewall, i want to check the capacity of user handle by VM-300

PA-5220 Version: 10.2.5 - Unable to commit after adding a VIP

After creating the sub interface ae1.1416 and using the address 10.149.124.98/27, we are receiving the error below after adding the first usable address as the VIP with 10.149.124.97Both palos are in an active/active pair- We are able make the commit without using the VIP - We can use another IP address in the subnet range as the VIP and commits...

R.Smith by L0 Member
  • 1132 Views
  • 1 replies
  • 0 Likes

Developer Edition

Please forgive my ignorance. I am new to Palo Alto and I am wondering is there a virtual device option for me to use (training, testing, developing)?

  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels