General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

PBF not working with DNAT policy for server

Dear Team, We have 5 ISPs and we have configured PBF for a group of IPs/networks. We observed while routing the server from X ISP to Y ISP, the server which is published on X ISP becomes inaccessible. Request you please help to resolve the issue on a priority basis.

VINAYAKJ by L0 Member
  • 1253 Views
  • 1 replies
  • 0 Likes

Resolved! USER-ID mapping by firewall

Hi All, Consider there is an user ([email protected]) is accessing some network for which communication is allowed in firewall based on USER-ID rules. If the User([email protected]) at the same times access the allowed sites by using two different IP address, will the communication from both the machines would be allowed.

Sujanya by L3 Networker
  • 1773 Views
  • 1 replies
  • 0 Likes

SNMP Counter issue

Hello everyone I am having a problem with SNMP requests on my palo-alto. My issue is the following I don't see any traffic on the physical interfaces of the palo alto, the traffic remains at 0 I can clearly see the traffic on the virtual interface (VLAN). I am on zabbix My palo alto is a PA-440

LCutman by L1 Bithead
  • 1497 Views
  • 1 replies
  • 0 Likes

Panorama config export fail. Host key verification fails

When I try and configure a scheduled config export the connection fails. I get a message the RSA host key differs and asked to confirm adding the key. This is a loop and always asks to add the key. If I try to remove all the known host keys the command ( delete user-file ssh-known-hosts) completes but does not seem to delete anything. The sa...

Rawilson by L0 Member
  • 2637 Views
  • 1 replies
  • 1 Likes

comments in cli

Hi I have a text file with PANOS command line arguments (set) what character defines a comment line ? is there one ?

Alex_Samad by L4 Transporter
  • 16391 Views
  • 11 replies
  • 1 Likes

Resolved! PA is connected to a router

Hi PA(non-management interface) is connected to a router via a cable . What is minimus condition for the two device to ping each other? 1. ip address in interface are in same subnet, 2. interface associated with management profile to allow ping 3. interface type is L3 Any else? The reason why i ask the question is the two device cannot s...

Resolved! CLI configuration of adding interface to virtual router

Hi, When add a interface into virtual router using cli, do I need to copied all the interfaces in the virtual router currently, then add this new interface into the list? For example, current default virtual router has two interface ethernet1/1 and ethernet1/2, I want to add another interface ethernet1/3 what I need to do is only "set network v...

nowayout by L1 Bithead
  • 4899 Views
  • 2 replies
  • 0 Likes

Encrypted-DNS False Positive Heads Up

Presently 20230406.20033 and earlier updates are presenting a large number of false positive categorizations for encrypted-dns. This includes several domains from Bitwarden, YouTube, Google, Microsoft, Spotify, and many many others. If you have encrypted-dns set to block you may get reports of many services not functioning properly.

BPry by Cyber Elite
  • 4993 Views
  • 6 replies
  • 3 Likes

Resolved! L2 Over L3 with VXLAN protocol

Hello, Is it possible to configure a VXLAN tunnel on a Palo Alto 3220 (running PANOS 10.2.3)? I.e. is L2 over L3 tunneling using VXLAN protocol possible? If so, is there an example configuration you can point me to? Thanks!

brenna by L0 Member
  • 8112 Views
  • 2 replies
  • 0 Likes

blocking apps on google chromecast

Hello, Looking to block apps on a new Google Chromecast all apps would be great but haven't been able to block AppleTV, HBOMax and ESPN. I've put appletvplus and hbo into our blocked apps rule but they still open and able to be accessed. Any one succesfully blocked Chromecast apps? Thanks

mlaporte by L1 Bithead
  • 3364 Views
  • 2 replies
  • 0 Likes

Where to download update for PA-2050 for learning purposes.

I have been given a PA-2050 to play with, and get my hands dirty, learning PAN, etc. Where do I go find the latest supported image for it? https://support.paloaltonetworks.com/Updates/SoftwareUpdates/ doesn't have the PA-2000 series listed. It has PA-200, and then PA-3000, PA-4000, PA-5000 and the PA-VM series.Should I even bother? Should I j...

Fan_Tai by L0 Member
  • 4681 Views
  • 5 replies
  • 0 Likes

User cannot connect to Global protect portal.

The error message on this users GP client says they have an issue with they're certificate. The helpdesk apparently installed a certificate but I am not sure which one or where exactly. Now its telling me it cant access the portal at all. I want to doublecheck the user has the correct certificate. I know where the certs are in the palo alto and ...

  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels