General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 483 Views
  • 0 replies
  • 0 Likes

split tunnel issue

 

These two snapshots are from two different VMs, which have installed GlobalProtect VPN. However, I saw different log messages printed out (check the marked part). I am just wondering why bindEntry is different on them?

 

Thanks

xingyun_0-1693228603537.png
xingyun_1-1693228649083.png
xingyun by L0 Member
  • 919 Views
  • 2 replies
  • 0 Likes

OSPF stuck in EX-START after PAN-OS upgrade

We ran into a situation where the OSPF was stuck into EX-START after upgrading the PAN_OS software from 9.1.10 to 9.1.16 (Preferred release).

We have a deny-all rule above the Intrazone-default allow, but it was working fine previously.

We checked th

...

Non-RFC Compliant DNS Traffic on Port 53/5353

HI,

Continuously receiving vulnerability threat events (Non-RFC Compliant DNS Traffic on Port 53/5353(56538))  form the same source IP towards our PA public IP addresses.  The source is also clean and belongs to Vodafone ISP.

 

I could not find any o

...

The 2034-24 Cyber Elite Program Is Here!

LIVEcommunity is pleased to announce the 2023-24 Cyber Elite Program

 

Cyber Elite members are LIVEcommunity super-users and cybersecurity experts who are generous in sharing their insights and expertise to help others in LIVEcommunity. 

 

Want to

...

jforsythe_0-1692904865177.png
jforsythe by Community Team Member
  • 1536 Views
  • 1 replies
  • 3 Likes

Resolved! Panorama vm running slower and slower until stuck

Hi The issue on panorama is there for long time. Anyone can help to resolve it? When panorama vm is created on eve-ng on ESXi, its speed is very slow and even stop or stuck there. I found the slowness is related with memory and storage size available

...

kevinospf_0-1693017474861.png
kevinospf by L3 Networker
  • 2515 Views
  • 2 replies
  • 0 Likes

Issues without using Proxy IDs on IPSEC tunnel

We are running into issues with VPN when we chose not to use PROXY ids between two PA firewalls.

We see it works fine when we add the proxy ids, but we shouldn't need to if both of them are Palo Alto, isn't it?

We see phase 2 keeps failing and the tu

...

GLOBALPROTECT split navigation

Hi everyone.

 

Currently I have a request. When vpn user is accessing throught globalprotect is necessary that fullfill two thing: If device is corporate (domain) he can use internet resource enterprise internet. But, when device is personal he must

...

apazmino by L1 Bithead
  • 1456 Views
  • 3 replies
  • 0 Likes

VPN Proxies

I have a VPN tunnel, which is up and running. I have two proxyIDs in the tunnel with the same local address but different remote addresses.

I can only get one proxy to connect.

For example, I currently have proxyID1 connected and can ping the other s

...

perton by L0 Member
  • 1051 Views
  • 2 replies
  • 0 Likes

TS User-ID and FSSO in the same server

Good morning,

 

reviewing the documentation of palo alto and fortinet informs me that they use the same internal ports for the fsso and for the user-id and to rule it out completely I wanted to know if you could configure the fsso and the user-id in

...

  • 24089 Posts
  • 116 Subscriptions
Top Liked Authors
Labels