General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Join the Fuel User Spark Event on March 19: Dealing with Threats !

 

Join us at the Fuel User Group Spark Event on March 19!

 

Get ready to ignite your cybersecurity knowledge and connect with industry experts at our upcoming Spark event hosted by the Fuel User Group. Whether you're a seasoned professional or just

...

kiwi_0-1709893724672.jpeg
kiwi by Community Team Member
  • 279 Views
  • 1 replies
  • 2 Likes

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question. Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

JayGolf_0-1691518400714.jpeg
JayGolf by Community Team Member
  • 3159 Views
  • 2 replies
  • 14 Likes

Fun with MS Office 365

Hello Community,

Has anyone found a way to allow access to a corp instance in o365 but block all other access? The idea would be so that a corp user can log into the corps instance, however block access to another companies or even personal instance.

 

...

Double NAT return packet dropping in firewall

Can anyone help point out if I am missing something obvious here.... I have a new vendor over an AmazonAWS VPN that I have to double NAT inbound traffic for (because they are using IP ranges that clash with our existing network and best practices, i.

...

Resolved! IPSec Tunnel Monitoring for Single Tunnel

Is there any benefit of setting up tunnel monitoring if it’s just one tunnel, i.e. no failover tunnel?

 

Our monitor profile obviously would be to wait for recovery. We have third party alerts for devices on each side of the tunnel should they go dow

...

KGDrake by L0 Member
  • 2358 Views
  • 3 replies
  • 0 Likes

IOT Policy Set creation ability missing?

Why is it that on some devices I am able to click and create policy (highlighted blue), but others like the Lenovo computer, or Dell Computer profiles I am unable to click and create a policy for them from the profiles page?  Seems to be related to d

...

Sec101_0-1651088583181.png
Sec101 by L4 Transporter
  • 1422 Views
  • 1 replies
  • 0 Likes

URL Filtering > Advanced URL Filtering

Hi,

With legacy URL filtering no longer available we've renewed our subs with Advanced URL Filtering instead.

The license for this appeared in the support portal but did not come down to the firewall itself (still showing the legacy sub which expires i

...

SARowe_NZ by L3 Networker
  • 1676 Views
  • 3 replies
  • 0 Likes

Resolved! GlobalProtect and other VPN tools

Hi mates,

I was wondering if there are any ways or tools to block the GlobalProtect connection when another type of VPN is up and running.

 

The main goal of this is to get the right country of origin information on the GlobalProtect logs on the firewal

...

Fail-over VPN site-to-site

Hi,

 

We have a PA with two VPNs configured. VPN-Main is the active one and if this vpn falls, the traffic must go through the other VPN-backup. The fact is that when the active VPN falls, the route that has the Palo Alto continues going through the pr

...

1.JPG
2.JPG
3.JPG
BigPalo by L4 Transporter
  • 17914 Views
  • 21 replies
  • 0 Likes

Resolved! overlapping subnets in virtual router and NAT

Hi

 

I have two virtual routers say customer-1 and customer-2 having subnets 10.10.10.0/24 (overlapping subnet). Now internet connection line is on eth1/1 which is in default virtual router. Both customer-1 and customer-2 needs to access the internet b

...

Globalprotect Certificate Pop-up sometimes?

When connecting to globalprotect, using MFA, sometimes after login there is a certificate popup that details the GP certificate.  You have to click ok or cancel. 

 

Anyone know what the deal is with this? It's not consistent, and it's not an error, but

...

Resolved! Having issues with certain pages on Live Community

Hello,

 

I'm currently receiving multiple errors like this:

Access Denied You do not have sufficient privileges for this resource or its parent to perform this action.

 

This is not the first time. In the past, I was instructed to log in in to the live co

...

How can I see which user access what website

Hi,

 

I'm currently managing a PA-220 and have setup URL-filtering.

 

I can see which IP-addresses that tries to access the blocked websites.

Is there any possibility to resolve/match this IP-address to our DHCP server to see exactly which mac/computer it

...

Unknow email address suffixed on PA Syslog

Few emails are neither registered nor getting suffixed from the Splunk SIEM solution.

A TCP dump from the server to identify whether the logs with the email address abcdef@123.com are coming directly from the PA firewall shows that those are from the

...

  • 24089 Posts
  • 99 Subscriptions
Top Solution Authors
Top Liked Authors
Labels