General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

PA200 Android IKEv2/IPSEC PSK

Hi everyone, I received an old Palo Alto PA200 firewall from a friend who works in networking, and I decided to set it up in my home lab to explore its interface and features. If I like how it performs, especially the monitoring capabilities, I might suggest purchasing it for the company where I work. Currently, I'm trying to establish an IPsec ...

Kublach by L0 Member
  • 2202 Views
  • 1 replies
  • 0 Likes

Resolved! How to view administrative distance?

Hi everyone, How would I see administrative distance of the routes in the routing table? they seem to not be visible in the gui (more runtime stats) or via cli (show routing routes). is there a special command or special area via gui I can see this information??

VK9H13 by L2 Linker
  • 6209 Views
  • 5 replies
  • 0 Likes

Resolved! Move firewall to new Panorama

Hi All, We currently have 2 Panoramas (virtual) managing different firewalls.. We'd like to move all firewalls to 1 pano, so we can retire the other one. What's the best/safest way to accomplish that? Is there a way to avoid having duplicate objects while migrating or would it be a cleanup effort after the fact. It's a mix of standalone fi...

CLI Rename Command Syntax - Rename GlobalProtect Gateway

Totally new to Palo Alto here. I'm looking to rename an existing GlobalProtect gateway on our PA-450. I have found some posts indicating that this can be done from the CLI of the firewall by using the "rename" command from CLI to update the "GATEWAY" name and the "GATEWAY-N" name on the firewall. I can see these entries in the config after e...

Resolved! Decrypt Gmail messages

Hello All, Newby question here, is it possible to decrypt Gmail messages and actually see what a client sent via gmail? Some times there are investigations where we need to find out if an email was sent out from someone internally. We only receive the email that was shared or spammed to corporate users. If this is possible can you please sh...

palmanza by L0 Member
  • 3506 Views
  • 1 replies
  • 0 Likes

Nessus scan of FW2 failed - credentials were no provided for detected PAN-OS WebUI service

When performing a NESSUS scan of FW1, errors return: Remote host was not identified as a known device or operating system and the execution of "uname -a" failed. NESSUS returned the following error: Enter old password: This NESSUS scan works on three other FWs successfully Plugin: ssh_get_info.nasl (#12634) Plugin: no_local_checks_credenti...

Resolved! Query for routing table

Hello, everyone. One query. In Palo Alto Firewalls, what is the correct command in the CLI, to "validate" if I have or don't have a route, to reach a particular destination? The correct command is "show routing route" or "show routing fib" ??? What is the command that can help me to know if my Firewall has a route to a particular destination? Th...

Matlu_NN by L2 Linker
  • 17359 Views
  • 16 replies
  • 0 Likes

Resolved! Reports not working multi-vsys PAN-OS 11.0.2

Hi, There's a multi-vsys PA-460 with 10.0.2 and it has been noticed that since upgrade specific report is not generating - it is blank when received in e-mail daily. To be more specific, message: There is no DAILY-SUMMARY-REPORT summary report on Tuesday, Oct 31 I've noticed some known issues for 11.0 regarding SaaS reports, but that specific ...

nikoo by L3 Networker
  • 2234 Views
  • 2 replies
  • 0 Likes

Dual ISP Ipsec/BGP tunnels to Azure

Has anyone created ISP failover for tunnels to Azure gateway? We have PA440 devices with two ISPs configured. Local networks are switched with path monitoring if ISP1 goes down. We want the same for the IPSec tunnel to Azure. From Azure documentation it seems that BGP failover can be used with different AS, with lower path having higher pri...

mdsgn1 by L1 Bithead
  • 2243 Views
  • 3 replies
  • 0 Likes

Palo Alto SNMP OIDs for Memory RAM use and Internal Storage use

Hello good afternoon community, please support, I need to monitor some information via SNMP, among them the RAM Memory and Internal Storage ( internal HDD ) of the Palo Alto Networks firewall. Currently I already have the SNMP OIDs for Management Plane CPU and Data Plane, I already have them. The ones I am missing are exactly: -RAM Memory-In...

Metgatz by L4 Transporter
  • 8766 Views
  • 3 replies
  • 0 Likes

Resolved! PAN-OS Certificate Expiration on Dec 31 2023

Hello, we have this error message when launching palo alto: "Urgent Action required: PAN-OS Certificate Expiration on Dec 31 2023. For details, refer to the following Customer Advisory: https://live.paloaltonetworks.com/t5/customer-advisories/emergency-update-required-pan-os-root-and-default-certificate/" When I click on the url, a page is d...

Panorama to VM Firewall

Hi Team, Is it mandatory to configure the Management Interface on firewall if we plan to manage the firewalls via Panorama? I am trying to setup connection from the firewall to manage it over the Panorama but unable to get the connection. Even TAC was saying it is necessary to have Mgmt interface if we manage it over Panorama. But in Service Pol...

  • 24397 Posts
  • 123 Subscriptions
Top Solution Authors
Labels