General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Commit Errors on 1st Push

Hi,

 

I have had to replace a PA-VM as the old one died. I have licensed it & imported it into Panorama, but when I try the initial push of the cfg it errors and fails-

Details:
. Validation Error:
. network -> interface -> tunnel -> units -> tunnel.10

...

CraigAddison_0-1674640811972.png

Global Protect

Hello Friends,

I need some advice for my next steps to solve the problem.

 

My problem: I got User ID mapping with Radius, and everything works fine.

But, when I create a policy for example (source IP XXXX for xxx users (VPN users) destination IP xxx

...

Resolved! Policy

Hi All,

 

Can we configure a single policy , giving user-id's and few different IP address as source.

Will both mentioned user id's and IP address are able reach the destinations which was allowed.

 

 

Sujanya by L3 Networker
  • 1387 Views
  • 3 replies
  • 0 Likes

User-id and office365

Hello Community!

We currently use Exchange logs for user-id to map users to IP address's so we can use AD groups for policies, etc. How do you do it when exchange is not on prem and you're using office 365? We used to use domain controllers, however

...

Resolved! How to get PCNSC Statue

Hello,

 

Does anyone knows, how can you get PCNSC Statue? I passed the PCNSC exam in January and since that time I did not received it yet. I seen pictures on Instagram and on Linkedin that people received it after one month. What do I have to do to ge

...

Pawel_G by L1 Bithead
  • 3078 Views
  • 3 replies
  • 0 Likes

Disk Partition Explanation

Hello all, is there any guide how to read disk-partition on firewall?

i see that the logs on the firewall is panlogs, but i still don't know what the other partition function. and why the panraid/ldl is high than the other partition

 

 

DennyChanditya_0-1674535023208.png

Resolved! Change forward decrypt trust cert to a new one.

I have forward ssl decrypt running and I want to change the cert I use. Can only have one forward trust cert at a time. If I deselect forward trust box I get commit error because my ssl decrypt policies don't have a forward trust cert. I can't select

...

djon by L1 Bithead
  • 2411 Views
  • 4 replies
  • 0 Likes

GP Issue while Migrating from PA-3020 to PA-460

Hi All,

We are facing GlobalProtect issue when we migrate from PA-3020 to PA-460. All the Configuration has been replicated. Users are able to connect to the Global Protect without any issues. Also users are able to connect to the local network witho

...

Resolved! PA 3220 function as a secondary / sub-ca

Greetings,

  We are researching Certificate management and all the certificate management the Firewall can do.  It came across as a question - is there a way to have the PA function as a secondary / sub-ca?  Our team members our discussing instead of

...

sallen by L1 Bithead
  • 1461 Views
  • 3 replies
  • 0 Likes

Resolved! Aggregate interface per cli

Dear all,

I am in search of how to create an aggregate interface per cli.

I am using eve-ng and the option to create the ae via the GUI is not available.

much appreciated.

 

 

 

Shadow by L2 Linker
  • 2820 Views
  • 2 replies
  • 0 Likes

HoneyPots?

Hello,

A bit off topic but still security related, just curious who out there uses honeypots. I know google is a good resource but want to get actual user feedback. What works, what doesnt, top level info is good.

 

Thanks in advance!

Prisma SD-WAN vs PAN-OS SD-WAN - Focused on SASE

Prisma SD-WAN vs PAN-OS SDWAN ... Focused on SASE


Hi good afternoon, as always, thanks for the time to answer and the good vibes. Today there is some confusion regarding these different variables, whether to use Prisma SD-WAN i.e. CloudGenix ION, to

...

Metgatz by L4 Transporter
  • 5033 Views
  • 2 replies
  • 0 Likes

DHCP Options

Hi All,

I need to send DHCP option 119 to my clients that are using the Palo Alto as their DHCP server.

Please can you confirm whether this is possible or not?

 

Thanks,

Jaggie

JAG by L1 Bithead
  • 5854 Views
  • 8 replies
  • 0 Likes
  • 23579 Posts
  • 103 Subscriptions
Top Liked Authors
Labels