General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 498 Views
  • 0 replies
  • 0 Likes

Global Protect Not able to access external application

 

Hi, I have a web application hosted by OCI,  from on Prem I and my users can access the application without any problems.  However when connecting to our PA setup through global protect we cant access the application.

 

We have a very similar setup

...

paul-b by L0 Member
  • 3096 Views
  • 3 replies
  • 0 Likes

Web Auth FW with HA

Hello,

I am configuring Webauth with certificate on my FW cluster and currently the access to the active FW is correct.

I have created CA and client certificate correctly, the problem I am facing to access the passive node,

is it necessary to create

...

Alpalo by L4 Transporter
  • 1184 Views
  • 3 replies
  • 0 Likes

Resolved! Migrating PA-5050 to PA-5410

Hello all,

 

 Is it possible to migrate from PA-5050 to PA-5410? I've been finding threads regarding migrating to PA-5220 only, but nothing on migrating to PA-5410. We've updated the PA-5050 to the final version available 8.1.25, but when we move to

...

How to configure ipsec vpn

How to configure ipsec vpn between palo atto and fortigate firewall .

VPN flow is following

Remote Lan (191.168.1.0/24) >>>>  Fortigate (192.168.10.2 private ip)>>>>>Cisco router(203.1.1.2/29)>>>>>PaloAlto(202.1.1.10/30-public ip)----Local lan

fortig

...

Chignon by L0 Member
  • 1525 Views
  • 2 replies
  • 0 Likes

Resolved! Adding management interface to OSPF via CLI

I'm doing a lab and I need to SSH to the firewalls to run some python scripts,

 

Is there a way to set OSPF to management interacee via set commands, with a management interface of 10.1.1.75?

 

I got the virtual-router default into OSPF, but I can't

...

hfakoor2 by L2 Linker
  • 1506 Views
  • 3 replies
  • 0 Likes

Resolved! Generate cookie vs Accept cookie

Hi Team,

 

Can anyone explain what Generate cookie and Accept cookie actually do? I always find myself messing with the cookie settings when enabling DUO/Azure SAML MFA but confused as to what the difference is and what they do.

 

 

Schneur_Feldman_0-1680710262228.png

Problem when SSH into a firewall

I can SSH from firewall to firewall, but when i try to SSH from a C brand router to the paloalto firewall I receive this error message:

 

 

*Sep 27 21:16:32.190: %SSH-3-NO_MATCH: No matching cipher found: client aes128-cbc server chacha20-poly1305@op

...

hfakoor2 by L2 Linker
  • 1255 Views
  • 1 replies
  • 0 Likes

Resolved! adding a default route in the CLI

trying to set a default route and getting error message

 

set network virtual-router default routing-table ip static-route default next-hop ip-address 10.1.5.9

 

 

any ideas on how to set a default route point to next hop 10.1.5.9?

 

Thanks

cisc_forum_2.png
hfakoor2 by L2 Linker
  • 4787 Views
  • 2 replies
  • 0 Likes

Resolved! Allow wildcard DNS in a Network Address

Hello all,

 

We have setup a Hybrid Connection Wizard between our on-prem Exchange server and Office 365, Microsoft has provided the following link for reference in regards to firewall considerations (https://bit.ly/3dpfiZs)

 

under SMTP port 25 - the do

...

C4c-1942 by L1 Bithead
  • 42483 Views
  • 10 replies
  • 0 Likes

Incorrect PANORAMA health MonitorStatus

Hi there,

 

Could you help me understanding of my device status correctly :

 

I was looking at my device status in PANORAMA's beautiful featrure called "Deviating devices" list. I couldn't quite understand why it is reporting some of my PA devices as dev

...

CLI commands to create a SSH profile, via the CLI?

I'm working on a Python script to change permitted-ip addresses on interfaces, uploading it to my resumé to send out. 

 

I'm fairly new to paloalto, however I'm familiar to some extent with firewalls, and familiar with routers/switches.

 

I want to c

...

hfakoor2 by L2 Linker
  • 2606 Views
  • 1 replies
  • 0 Likes
  • 24093 Posts
  • 116 Subscriptions
Labels