General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

DNS Dynamic Updates not working when on Global Protect after update to 10.1

We began a step migration from 9.1.13 to eventually 10.2.2. We usually pause at each major update and make sure everything is working before taking the next jump. I got to 10.1 and hit a roadblock. We have our laptops check in with DNS and do a dynamic update so that DNS has the correct IP when people are bouncing between working in the office...

Walt by L1 Bithead
  • 3301 Views
  • 2 replies
  • 0 Likes

Ignite 2022 CPE Credits

I saw before I attended Ignite 2022 that we would be eligible for CPE credits for the classes we attended at the conference. Does anyone know how we go about claiming these CPE Credits and getting them applied to our ISC2 account?

CoAAdmin by L0 Member
  • 5165 Views
  • 7 replies
  • 0 Likes

Resolved! Upgrade to 11.1 from 10.1.11-h5

Hello PaloAlto users! I have to upgrade my PA-820 from 10.1.11-h5 to 11.1 due new features needed. I have purchased my Palo Alto from ebay and is not licensed. I have downloaded the image 11.1 but it´s necesary to update the content version to achieve this update. And when I try to update from a file, this happens... Someone know another ...

Jlsierra_0-1709672963590.png
Jlsierra_1-1709673065218.png
Jlsierra_2-1709673116881.png
Jlsierra by L1 Bithead
  • 2597 Views
  • 2 replies
  • 0 Likes

Authentication error

users in one the gateway facing the error `please click the button below to relaunch authentication` while try to connect VPN .

How to filter routes being exported to BGP neighbor?

We are currently redistributing all OSPF routes to our BGP neighbor without any filtering. We wish to exclude certain prefixes from BGP advertisement. I need an assistance in configuring the filter for this purpose. Q1. Is it going to be working if I create redistribution profile and apply noRedist_To_BGP profile to BGP-->Redist Rules? Q2...

JasonKu_0-1709226190520.png
JasonKu_2-1709226301733.png
JasonKu_3-1709226491336.png
Jason.Ku by L1 Bithead
  • 2418 Views
  • 1 replies
  • 0 Likes

Palo alto GP with azure SAML

Hi, I was reading about the integration of Palo Alto GP with Azure SAML authentication. My globalprotect is using port 4433 to access instead of the default 443. Hence, I'm wondering what to configure for the identifier, a reply URL, and a sign-on URL in Azure SSO. Below is how I should set it up in my Azure? So instead of the default 443, i w...

Kevin-Ng by L2 Linker
  • 1563 Views
  • 1 replies
  • 0 Likes

Need to suppress alerts that are getting generated as a result of adding a file execution in the restrictions

Hi Team, We have added the file execution for Quickassist in restriction in XDR console but we dont want to get flooded with the alerts that are getting generated due to it. Is there any way that I could get restrict the file execution but also suppress the resulting alerts simultaneously? Regards Rohita

Commit Fail Phase1 sslvpn

hey i am gtting commit fail on phase1 abort, and it looks like the SSL VPN proccess how can i troubleshoot it ? show management-clientsClient PRI State Progress-------------------------------------------------------------------------routed 30 P1-abort 0ha_agent 25 P1-abort 0device 20 P1-abort 0ikemgr 10 P1-abort 0keymgr 10 init 0 (op cmds only)...

minow by L4 Transporter
  • 18145 Views
  • 11 replies
  • 0 Likes

Resolved! Questions about EDL

Hello, I have a firewall rule on the Internet Firewall list this Source: Palo Alto Networks - High risk IP addresses - Palo Alto Networks - Known malicious IP addresses Destination Any Service Any Action: drop So if an ip inside the two EDL try to reach a Public Customer Service will be drop right? How is this list updated? There is a packag...

Resolved! Panorama warning messages for EDLs with no certificate

I have several EDLs that were intentional configured to not use a certificate profile. Is there a work around to hide the Panorama warning messages stating "External Dynamic List <edl> is configured with no certificate profile. Please select a certificate profile for performing server certificate validation".

L2 trunks between 3 Cisco switches

THis was working in vwire just fine with two vwires.1/1 to 1/3 vwire 11/5 to 1/6 vwire 2Now we want to go to Layer 2, here is the configuration. I am only adding L2 sub interfaces to the firewall. 1st trunk: --CISCO SW1 TRUNKED INTERFACE ALLOWING ONLY VLAN 9 >> FW >> SW3 CISCO TRUNKED INTERFACE ALLOWING ONLY VLAN 9.--FW VLAN 9 tagge...

tshooter by L2 Linker
  • 1359 Views
  • 1 replies
  • 0 Likes

Resolved! Cortex XDR Agent DownGrade

hi Community, Is there any way to downgrade the Cortex Agent from 8.3 to 8.2 via Console and as we cannot turn off Auto Upgrade isn't autoupgrade conflict with Downgrade

Yayati by L0 Member
  • 2429 Views
  • 1 replies
  • 0 Likes

Exporting URL Filter objects/groups

Is there a way (CLI or WebUI) to export the URL Filtering objects and their details? We are looking to export the objects and their block/allow categories so we can put them in front of management.

sconley by Not applicable
  • 10399 Views
  • 3 replies
  • 0 Likes
  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels