General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Add a Ztp paloalto firewall to panorama

Hi Sir. Working in ztp mode and trying to work with the Palo Alto firewall. I saw that link and set it up, but the connection is failing. ↓ https://docs.paloaltonetworks.com/panorama/9-1/panorama-admin/manage-firewalls/set-up-zero-touch-provisioning/install-the-ztp-plugin/register-panorama-with-the-ztp-service/register-panorama-with-the-ztp-...

qmso475_0-1682323731227.png
qmso475 by L3 Networker
  • 2240 Views
  • 3 replies
  • 0 Likes

Resolved! deleting snapshots with long names (more than 32 characters )

Hi all, is there a way to delete these files please? admin@PA-440> delete config saved ?90_Backup 2023/04/21 18:29:07 151.7K migrated-frr-running-config.xml.error.last 2023/04/18 17:54:28 0.0K migrated-frr-running-config.xml.last 2023/04/18 17:54:28 144.5K ------------------ admin@PA-440> delete config saved migrated-frr-running-config...

nevolex by L3 Networker
  • 2542 Views
  • 2 replies
  • 0 Likes

Tunnel monitoring between plao alto and policy based cisco vpn

I am thinking about possibility of doing a tunnel monitoring from palo alto to cisco route vpn which is configured in policy based mode. Do palo alto supports below configuration to do so. 1. Set up /32 IP in tunnel interface of palo alto 2. Configure tunnel monitoring to Peer IP of peer cisco. Do this work?

Aaida by L1 Bithead
  • 4648 Views
  • 7 replies
  • 0 Likes

Palo Alto Security Advisories RSS

Hey Everyone, Has anyone come across an official RSS feed (or similar) from Palo Alto which allows easy access to recent security advisories. Within my company we're look at pulling these from all our vendors so we can easily automate the notification and tracking of them. I know the vulnerabilities are published at the link below but these can'...

Gukaaran by L1 Bithead
  • 29828 Views
  • 5 replies
  • 1 Likes

Resolved! IPSEC tunnel Phase-2

We have created an tunnel with SAP and as per their suggestion we have disabled tunnel monitoring, keepalive settings from our end. It is IKEV2 tunnel.We noticed that after sometime due to traffic not flowing suddenly Phase-2 is going down, as soon as it goes down we were seeing the issue in connectivity.As soon as manually trigger the tunnel an...

Sujanya by L3 Networker
  • 12361 Views
  • 14 replies
  • 0 Likes

Questions about Palo Alto VM Series 30 day trial

I have the PA 30 day eval VM loaded in ESXi but have a few questions: - the company I work for is a PA partner. After filling out the request form it took almost a month before I received an email saying "Here is your VM series trial link". A friend of mine requested the Eval using a non-partner PA account about 2 weeks ago and hasn't heard an...

About User-ID configurate

Hello, My User-ID agent was successfully linked to PA and I also saw Source User in the log. I then configured the LDAP and group mapping and applied its source user to the new policy and wanted to verify that it worked. I found that the PAs were all using the old policy (LAN_to_WAN) and it seemed that the PAs were not catching the source ...

young19918_0-1682139262606.png
young19918_1-1682139381621.png
young19918_2-1682139521043.png

Resolved! PBF Rule breaks internal network access when connected to VPN

So, we have 2 ISPs and recently made a PBF rule that takes source, user and destination 'any' to route to ISP 1. Everything works and we can see traffic flowing accordingly. However, When 1 of our users connected via VPN (global protect) which is setup to connect to ISP 1, they can connect but were unable to access any of the internal network re...

Inbound NAT for multiple VMs through single Azure firewall

Hello, One of my customer purchased an instance Azure VM-300 firewall recently. The customer has approximately 25 applications in the Azure network and they need to publish these applications to the internet users through the Palo Alto firewall. Each of these VMs have a public IP and the customer need to retain these IP addresses since they have...

shabeeb by L1 Bithead
  • 3678 Views
  • 2 replies
  • 0 Likes

link-change still informational severity?

Can someone explain to me the rational behind allowing an interface to drop and having the link-change log a down state and yet have it be INFORMATIONAL severity level? I saw an old question about this and it seems somewhat ridiculous? We had filtering on higher severity levels and had a circuit drop and never got the alert and then realized wh...

  • 24404 Posts
  • 123 Subscriptions
Top Solution Authors
Labels