General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! Moving some connections to the New PA

We have this setup for one site ------Dis sw--------------Edge switch stack of 3 ----------40 users we need to move few users behind the PA . what can be best design for this as we only need to have 5 to 10 users behind the PA 850.? Should we connect small switch to the existing stack of switch ?

MP18 by Cyber Elite
  • 8536 Views
  • 15 replies
  • 0 Likes

Certificate delete

Hi i have a problem certificate delete. But sow error Failed to delete Certificate - CaptivePortal. ° CaptivePortal cannot be deleted because of references from: i look to to ssl/tls service profile list not show profiles. plase help mee

btadmin by L1 Bithead
  • 2435 Views
  • 6 replies
  • 0 Likes

Resolved! Configuring multiple DHCP scopes via single layer 3 interface

Hi All, I am running PanOS 10.1.0 vm image. Devices are connected as mentioned below. Firewall E1/2 ---> L3 switch ---> Vlan 10, Vlan 20 I would really appreciate if some can tell me how to configure two DHCP scopes for Vlan 10 and Vlan 20 in PA firewall because once I configured one scope under E1/2 , for second scope E1/2 is not appearin...

gayansasamarakoon_0-1634935691287.png

Clarification regarding vsys function and network isolation

Hello,After reading about and looking through documentation regarding vsys, and routing between vsys on the same firewall via use of external zones, as well as the vsys<>VR association, I have a few questions I would like to clarify if possible:1. If I have two vsys that share one virtual router, by default, will they be able to send traff...

Resolved! Prisma Cloud Workload Protection

Hello, I'm playing with the API to get hosts' vulnerabilities and images' vulnerabilities in Prisma Cloud (CWPP) (documentation: https://pan.dev/prisma-cloud/api/cwpp/get-images/) Following the documentation (which is great by the way) I noticed there is a note for some endpoints « Note: The API rate limit for this endpoint is 30 requests per mi...

Resolved! PA-3220 keeps shutting down to suspended state - can't enter maintenance mode to reset to factory

I have a PA-3220 that was likely formerly part of an HA pair. This device was the passive device and the other 3220 that was part of the pair is gone so I'm trying to factory reset this device. When I startup the system it boots to the login screen but it will not accept my password. After a couple tries, the devices shuts down with a message...

Proxy SG to Palo alto policy migration

Hi, Is there any automation tool through which we can migrate all our proxy SG policy rule, object and object group to Palo alto. Or else if there is any alternate option then please let me know.

Global Protect Linux and Strongswan

I had to test IPSec connection on Linux using strongswan as part of a support case i was working on and i collected a lot of good information on how to get this working. So i thought i would share it with you. Tested on PANOS 7.1.2, Ubuntu 16.04, Strongswan 5.3.5-1 Install Ubuntu Desktop or CentOS into VMWare environment and then install Strongs...

Xauth Option.png
ipsec.png
Client Success.png
system Logs.PNG
Davyboy by L1 Bithead
  • 14363 Views
  • 4 replies
  • 3 Likes

Cortex XDR agent change managing server

Hi All,Looking for best way to migrate cortex XDR agents to new tenant in bulk.I have downloaded all the hostnames in excel format and when i try to paste it on the XDr console filter section it doesnt work.Please comment

Resolved! HOW TO CONFIGURE .1q - VLAN TRUNK

Hi guys ,I have a lots of doubts about how to configure .1q vlan TAG / TRUNK on PALO ALTO FIREWALL.It`s possible to work with layer 3 interface ?I don`t found any documents here.Does anyone have something to help me.Nbest RegardsTHiago LIma.

Thiago by L3 Networker
  • 3926 Views
  • 2 replies
  • 0 Likes

Resolved! Disable weak cipher suites for SSL/TLS and SSH

Hi Team, I want to Disable weak cipher suites for SSL/TLS and SSH my question is, are the below commands correct ? Do I need to run below commands on Active and Passive firewalls separately ? I am using data port as management ( I do have dedicated management port with IP but not using it) so below commands are still valid. Also, I am on PAN OS...

shafi021 by L2 Linker
  • 48462 Views
  • 8 replies
  • 0 Likes

Correct way to setup UserID redistribution

Hi there, I'm looking for the correct way to build our UserID redistribution topology based on our enterprise needs. We have 1 Panorama appliance, 4 PA3020 hosting a GP Gateway component and 50 PA3020 for remote offices. Our only source for UserID is the GP Gateways. I've set up Panorama to retrieve UserID information from our 4 GP Gateway and o...

  • 24396 Posts
  • 123 Subscriptions
Top Solution Authors
Labels