General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

PA-3410: L3 interface configuration / ping from disconnected port?

Hello everyone, I got a PA-3410, it's up and running for a while as an internet gateway to a local network. It's configured with static ip4 addresses, source NAT, security zones, default route etc, everythings working good. Recently I remotely configured an additional ethernet port (L3) but I'm not able to ping an internet destination with i...

anyone using OCSP?

got an issue where 2 of the 4 gateways work with OCSP after upgrading to 10.1.10-h2 do we need to go to 10.2? or 11. so we have 2 on 10.0.8 and 2 on 10.1.10-h2 working with OCSP 2 on older version, we had to downgrade to get it to work. 2 old version were build from 2017/2018 azure VM where as the 2 working on 10.1.10-hs are from a 2...

Deploy Velocloud VCE to connect existing Palo device in AWS

Hi Support we try to add new interface on AWS VPC for palo alto firewall. we using this kb as guide: https://docs.paloaltonetworks.com/vm-series/10-1/vm-series-deployment/set-up-the-vm-series-firewall-on-aws/vm-series-integration-with-gateway-load-balancer/integrate-the-vm-series-with-an-aws-gateway-load-balancer/associate-a-vpc-endpoint-w...

Having problems with the Palo Alto API with vm_eval 10.0.4

I'm trying to make API calls. Using XML pathing it works fine. '/api/?type=config&action=get&xpath=/config/devices/entry[@name="localhost.localdomain"]/vsys/entry[@name="vsys1"]/rulebase/security/rules' So actually I had 2 questions. Is there a difference in functionality between the rest api calls and the xml pathing api calls? I'm a...

hfakoor2 by L2 Linker
  • 1781 Views
  • 1 replies
  • 0 Likes

IPSec and PROXY ID

Hi Some back ground - been a long time since i delved into ipsec + proxyid. back in the linux days with strongswan and openswan and there was issues with nat and ipsec. My understanding back then was you had a interface say eth0 and when you applied a IPSEC tunnel (so ESP not AH) the proxyid were used to identify what was encapsulated into t...

Alex_Samad by L4 Transporter
  • 18559 Views
  • 10 replies
  • 0 Likes

returning packet going back the way they came

Hi I have need to connect to a new site - they have over lapping IP address ranges. I have agreed to re number - all good. want to setup a IPSEC tunnel and I would like to SNAT all traffic from this new site so lets that I am using 192.168.10-20.0/24 and the space is 192.168.240-250.0/24 So its going to take a while to get it all renumbered ...

Resolved! The website experienced a temporary decline in traffic.

I'm facing issue when accessing NBA picks website which is hosted on cloud. I have created object of website and called in policy . this issue occurs when i have called object in destination and I m trying to access website . if i have access this website as destination put any then it will accessible.

screenshot (2).png
screenshot (1).png

SD WAN policy did not working after upgrade PAN-OS

Hi Team, I have a PA-850 in HA , recently we have upgrade the PAN-OS firewall from 10.1.10 to 10.1.11 and managed by Panorama. and then we check and found out the SDWAN policy is not working anymore. Before upgrade it's working fine. i have upload the primary non working of the SD wan Policy. There's no error message in GUI i tried to shut...

Regarding Setting up my University's VPN for another account

Hello, my name is Andrew. I am a student with UCR that needs to use GlobalProtect to sign into my University's VPN to use their academic website resources (library databases, etc.). I am reaching out to you guys because it takes me to the PaloAlto website sign-in portal every time I click on the MacOS directions to use the UCR "off-campus" link ...

Resolved! Upgrade PAN-OS from 9.1.14 to 10.1.10

hi, thanks for looking we need to update our Box, going to 10.1.10 from 9.1.14 does anyone see any issues? is there a preferred route if we did then go to 10.1.10 do I need a specific Global protect client version to work with it, (currently on 5.2.10) thanks

Newly Registered Domain Access

Hi All, We have a request from customer to get access to a newly registered site. After we allowed access to the URL, we see the drop logs due to Sinkhole configuration. Threat Type says Spyware and DNS Policy is configured for newly registered domains as Sinkhole by Default. So this is expected. But is there any other way i can allow access to ...

Clarification on how PA process Security profile with applied Service/URL Category

Hi All, I have a quick question and hopefully someone can help me understand how security profile is processed by PA. I understand that security profile is processed from left to right, then top to bottom. My question is, does all criteria need to match so that the traffic will match the rule? Is the logic used by PA is AND or OR? Source ...

Resolved! Determining false positives in Wildfire

Disclaimer- I am a big fan of Wildfire. Since implementing it the beginning of this month, it has shed much light on malicious activity on our network. Thanks for it!Like others in related posts, I would like to know more about the criteria for determining the verdict of malware. I received a report this mornting that a Dell BIOS file, DMC521-01...

cloughr by L2 Linker
  • 8851 Views
  • 5 replies
  • 0 Likes
  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels