General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Threat Vector, a Unit 42 Podcast, is Now on LIVEcommunity!

We have some exciting community news to share: Threat Vector, a Unit 42 podcast, is now on LIVEcommunity!

 

Threat Vector is your compass in the world of cyberthreats. Listen to this biweekly podcast to learn about unique threat intelligence, cutting

...

jforsythe by Community Team Member
  • 335 Views
  • 0 replies
  • 0 Likes

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question. Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

JayGolf_0-1691518400714.jpeg
JayGolf by Community Team Member
  • 3734 Views
  • 3 replies
  • 14 Likes

Change IP MGT Firewall conect to Panorama

Hello, good afternoon everyone, thank you very much for your time, help and support.

 

I have the following scenario:

1.- Panorama managing 6 firewalls
2.- Panorama version 9.1.6
3.- Firewall HA 9.1.6 (5250 - This will be used for configuration migration

...

Metgatz by L4 Transporter
  • 4969 Views
  • 2 replies
  • 0 Likes

VPN Site to Site configuration between two PAs

Hi,

I've been trying to get clients on the end of two different Palo Altos to be able to ping each other. Everything is green but the IPsec Tunnel doesnt seem to be working. Using tracert, traffic from a client first hops to the LAN Port and then to t

...

smshafek by L1 Bithead
  • 1777 Views
  • 3 replies
  • 0 Likes

Howto delete sub-interace from cli

Hi,

I`m trying to delete a sub-interface from CLI but cant seem to find the correct command, i managed to remove the IP address and tag but not the entire sub-interface.

admin@PA-200# delete network interface ethernet ethernet1/4 layer3 units ethernet1

...

u18830 by Not applicable
  • 11398 Views
  • 13 replies
  • 0 Likes

Resolved! External Palo Alto Dynamic List

Hi Team 

 

 

Have a PA220   licensed for Wild fire, Threat prevention, and PANDB URL filtering .

 

Though I had configured the External Dynamic List based on the best practice, I could not get the default  PaloAlto Dynamic IP lists feed : Palo Alto Networ

...

User-id agent timeout integration with dhcp lease timeout

Hi all,

let's suppose these conditions:

 

- interface with dhcp enabled, 24 hours lease timeout, ip range (for example) 192.168.3.0/24

- user-id agent enabled with 45 minutes timeout

- virtual machine environment with non persistent vm, so when a machine

...

N2Z2 by L2 Linker
  • 2372 Views
  • 5 replies
  • 0 Likes

Resolved! No hits on source NAT

Really basic setup here.  I'm just trying to get a lab setup going but I'm not able to get out to the Internet.  I'm not seeing any hits on my NAT policy and therefore no hits no my security policies.  To my knowledge this is setup correctly.  I can

...

NAT-config.PNG
AtosErik by L0 Member
  • 2642 Views
  • 2 replies
  • 0 Likes

url category with wildcard

I have to create a url category which is would allow anything coming from url

x.y.z.com/api-*

every time i try to create that custom url category i get the following error

"Consecutive asterisks (*) in a URL wildcard pattern can severely impact perfo

...

Resolved! Objects Capacity on PA-3400 Series

Hello,

 

Despite my research on the site, I am looking for the following features on the PA-3400 series:

- Max Virtual Routers

- Max. Security Zones

- Max. Security Rule

- Max. Address Objects

- Max. Address Groups

...

Thank you for your help

site to site vpn. IKEv2 and fragmentation?

When configuring a site to site IPSEC tunnel, i see that the IKE gateway can be set to allow packet fragmentation or not (DF bit) when using IKEv1. However the option isn't present for IKEv2. Other vendors, such as Cisco, allow the DF bit to be set f

...

Resolved! meaning of ms.log - update system boot?

Hi all,

 

I am checking the log of firewall to know the states of firewall issue.

I found that there are some log in ms.log as show below

2022-XX-XX XX:XX:XX.XXX +0800 update system boot: count = YYYY, timestamp = 2022/XX/XX XX:XX:XX

 

What is the meaning

...

JoeKwok by L2 Linker
  • 2431 Views
  • 1 replies
  • 0 Likes
  • 24198 Posts
  • 100 Subscriptions
Top Liked Authors
Labels