This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Resolved! PAN-OS Certificate Expirations Clarification

With all the recent certificate update requests over the past couple months, the documents have become a bit confusing. Previously the below article stated version 10.1.11-h4 was a fix but now the article (updated 2/22/24) says version 10.1.11-h5 is

...

Prove the firewall innocent?

Hello,

We have communication from load balancer to 2 servers called S1 and S2.

Both S1 and S2 have same Windows Server version and have exact same patch level.

Both serve a web-service hosted on their IIS.

On Palo firewall, we have App-ID based rule

...

allowing MS product activation and denying web access

I have a network that I want to allow MS product activation to work but web browsing and other internet activity to be denied.

I have two main security policies that apply just to this network although DNS and ntp is also allowed:

The first one is an a

...

kjh by Not applicable
  • 6865 Views
  • 3 replies
  • 0 Likes

Resolved! QoS Policing on one of interface.

I want to establish a 600Mb egress rate limit on a specific interface. Is this the correct procedure to implement and enforce the policy? Since I'm new to setting up QoS on Palo Alto devices, I would appreciate some guidance. Additionally, I'm curiou

...

JasonKu_0-1708801333211.png
JasonKu_1-1708801379846.png
Jason.Ku by L0 Member
  • 300 Views
  • 1 replies
  • 0 Likes

Resolved! VPN Global Protect Portal - two VR and one VR environments

VPN Global Protect Portal - two VR and one VR environments

 

Hello, good afternoon.

As always, thanks for the help, the support, your time and collaboration always.

 

I tell you I have the following case, which has me very restless, since I always tr

...

Metgatz by L4 Transporter
  • 2989 Views
  • 2 replies
  • 0 Likes

Layer 2 subinterfaces w/ Vlan interface for routing.....

Say I want to connect this port to a switch downstream (trunk), with clients hanging off of switch on access ports and use vlan interfaces for routing. Switch is set to trunk allowing relevant vlans, the firewall interface is subinterfaced (layer2) w

...

VK9H13 by L1 Bithead
  • 273 Views
  • 1 replies
  • 1 Likes

Resolved! SSL decryption Certificate expired

Hi Team,
We have PA self signed certificate in the firewall being used for SSL Decryption, the certificate is about to expire
From GUI we can able to renew for another one year but our concern
  • Will it automatically replace the existing certificate in en
...

VishnuPS by L3 Networker
  • 3611 Views
  • 3 replies
  • 0 Likes

QUIC decryption? A TCP replacement

It seems like QUIC is going to become main stream, Its not just this linked video, I am seeing QUIC related stuff increasingly now. As per docs I see even for 10.2 its advised to block udp 80/443 and block QUIC. I would guess Palo Alto bringing QUIC

...

raji_toor by L4 Transporter
  • 3889 Views
  • 3 replies
  • 1 Likes

GlobalProtect Version

Hi Team,

We are currently running 6.0.5 GP client version, now we are planning to upgrade the version in Prisma. May i know which version is the best version as we faced few issues in 6.2.0 for different customer not sure which is the better version

...

Palo Alto laboratory

Hi, I would like to create a laboratory. Where I will use Palo Alto (PA-3050). Is there any possibility to create something like a virtual machine for 10 users from this one PA? I would like 10 people to use this one at the same time.

 

If anyone knows

...

Jokurr by L0 Member
  • 2133 Views
  • 4 replies
  • 0 Likes

SYSTEM ALERT : high : Delete Cert

HI Folks,

 

Getting below alret from the panorama.

 

FW: PAN-M-600-Secondary - SYSTEM ALERT : high : Delete Cert '4aba874e-912d-4967-993e-b3c24058f841

 

Kindly help me to know what we have to do for this high alert.



Please note you are posting a publi...

CyberEye by L3 Networker
  • 1469 Views
  • 2 replies
  • 0 Likes

Beacon - E-LEarning course pop up error

Hi All,

So last few days i am going through the e-learning course for PRMuA (Prisma Access)

completed a number of courses and assessments sofar but today, when I completed the Security Policy and Security Profiles - however I get a warning error with

...

Ants by L1 Bithead
  • 830 Views
  • 2 replies
  • 0 Likes
  • 24197 Posts
  • 100 Subscriptions
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks