General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 210 Views
  • 0 replies
  • 0 Likes

Resolved! interface-management-profile - CLI

Hello

 

When I am configuring sub-interface (or interface) with CLI from Panorama as :

 

set template [name] config network interface ethernet ethernet1/x layer3 interface-management-profile [Profile] units ethernet1/x.x comment [comment] tag [xx] ip

...

Active/Active failover triggers for multiple Vwire?

Hello,

 

I've been looking for some time docs which closely describe PA Active/Active setup for only Vwire interface mode (multiple defined Vwire's), especially failover triggers like a link or path monitoring, but no luck. I decided to start with th

...

Tician by L1 Bithead
  • 1729 Views
  • 2 replies
  • 0 Likes

GlobalProtect stops to connect

Hi all,
GlobalProtect stopped to connect to server. 
So it works before ( I did not install any new software, firewals, proxies, .... etc) It contiue work under VirtualBox machine, so it is not a problem of my internet provider, but it stops to connect

...

BGP AS-Path allow

Hi All,

 

I suspect the answer to this is in the Advanced Routing in PanOS 10.

 

We have configured a new system as Active-Active and BGP. The firewalls are in different DCs, the DMZ side of the firewall can talk to routers in both DCs but only its l

...

a.jones by L3 Networker
  • 2494 Views
  • 3 replies
  • 0 Likes

Allow traffic other than IPSec

Hi all,

 

Site A

Source Zone: test-DMZ

Interface: ae 1 (172.16.1.1)

Tunnel Interface is in internal-trust zone.

Static route set to destination 10.10.10.1

 

I have an IPsec tunnel between 2 sites. 

However, i want to allow traffic from other sources

...

mike.07 by L1 Bithead
  • 1375 Views
  • 2 replies
  • 0 Likes

How to whitelist specific URL with path included.

I want to whitelist a specific URL with path. Eg: https://live.paloaltonetworks.com/t5/forums/postpage/board-id/members_discuss

I tried adding it the same as it is in URL category and created the following rule:

Source: Ip of source

Destination: ANY

...

Amey05 by L0 Member
  • 2025 Views
  • 1 replies
  • 0 Likes

Active-Active Firewall - BGP failure condition

Hi All,

 

How can I instigate a firewall failover for an Active-Active firewall if BGP fails? I feel I need a full failover but please tell me if I am wrong.

 

Here is the situation: Firewall in Active-Active mode, HA1,2 and 3 up. BGP peering on outs

...

a.jones by L3 Networker
  • 1580 Views
  • 1 replies
  • 0 Likes

Unable to Login After Factory Reset

Hello Community,

 

I have just carried out a factory reset. However, now I'm not able login with the admin-admin login/password. 

 

I'm presented with the prompt:

 

PA-HDF login: 

 

I read I should wait for the prompt:

 

PA-500 login:

 

However, the

...

reset qos application statistics

Hi all,

 

I was wandering if there's a way, under network -> qos ->statistics, to reset the application list of an interface.

 

These list are never refresched and contain applications that are no more seen. So I really would like a fresh start in or

...

DNS security license

French Arab milf an*l f*cked - https://livesex.run
Pegging bisexual cuckold and shemale - https://sexcam.red
Closeup titf*ck and bl*wjob - https://livesexcams.work

Leohec by L0 Member
  • 1237 Views
  • 1 replies
  • 0 Likes

Resolved! Suspected Credential Phishing Detected

Hi!

 

Users connecting to our network via VPN receive "Suspected Credential Phishing Detected" when attempting to log into our in-house equipment reservation webpage. The URL filtering log indicates a blocked URL action on category "government".   I'

...

Resolved! Nested Device Group in Panorama

How to create nested device group in panorama, is the same device group can be part of multiple nested device group.

 

If yes, how the policy priorities would be.

Please suggest here.

Sujanya by L3 Networker
  • 3125 Views
  • 4 replies
  • 0 Likes

NAT without braking current IPSec

Hi All, 

 

Need some help regarding my dilemma.

IPsec tunnel between Site A and Site B.

Static route for this tunnel is setup to forward traffic to only on subnet (10.100.x.x).

I am working on updating patches on server that is under Site A.

I need a

...

mike.07 by L1 Bithead
  • 1791 Views
  • 3 replies
  • 0 Likes

PCI DSS 3.2.1 Responsibility Matrix for SaaS Services

I've been looking for any details from Palo Alto regarding the responsibility of controls for PCI 3.2.1 when it comes to SaaS and PaaS offerings such as Prisma Access, Wildfire, XSOAR, XDR, etc.  Most service providers will publish a 'responsibility

...

mslavens by L1 Bithead
  • 2788 Views
  • 2 replies
  • 0 Likes
  • 23779 Posts
  • 110 Subscriptions
Top Solution Authors
Labels