This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Resolved! NATing Question

I am using two PA-440 firewalls for a laptop testing. The purpose of the Lab is to test for VPN connectivity before deployment. Firewall A = has an external IP of 17.11.19.69/30 - Internal address 2.2.2.2/24 (LAN) Firewall B = has an external IP of 17.11.19.68/30 - internal address 3.3.3.3/24 (LAN) Because I have a block of public IP's, eac...

Building Cybersecurity Strategies: A Game of Digital Mahjong

Hi everyone, Lately, I’ve been thinking about how designing a strong cybersecurity strategy feels a lot like playing a complex game of Mahjong: every move matters, timing is crucial, and one wrong tile can shift the entire outcome. With AI-driven automation and increasingly dynamic threat landscapes, our “tiles” — firewalls, threat intelligence,...

Restrict Access to Box Account

Hi Team, We have a requirement to restrict the access to box account only when they get re-directed to box account from one particular website. So for example. User logs in to Facebook.com and need to upload a document. In facebook there will be a link to upload a document, when clicked it will re-direct to box account. So we need to restrict us...

Palo alto 1410 software update

Dear palo alto team, I would appreciate your advice, please.We are currently using a Palo Alto PA-1410 running on software version 11.2.3-5h.However, when checking for updates, we found that 11.2.4-h1 until 11.2.5. Could you kindly advise whether we should upgrade to a newer software version?If so, which version would be most suitable for our de...

QUIC decryption? A TCP replacement

It seems like QUIC is going to become main stream, Its not just this linked video, I am seeing QUIC related stuff increasingly now. As per docs I see even for 10.2 its advised to block udp 80/443 and block QUIC. I would guess Palo Alto bringing QUIC decryption feature soon to their products, may be by end of this year? 🤞 https://www.youtube.c...

raji_toor by L4 Transporter
  • 12256 Views
  • 4 replies
  • 1 Likes

URL citrix.rsieh.com is inaccessible through firewall

Hi Friends, 1) One of my customer is trying to access https://citrix.rsieh.com, although it initially opened, and it was soon redirected to https://sso-fe2eb653.sso.duosecurity.com/saml2/sp/sso and site is getting inaccessible through firewall 2) This are the User-Id users and they are not using authentication and decryption policy and apart fro...

User-ID two usernames being identified by User-ID servers

Hi,I am having troubles with getting the Palo's in my network to only use the UPN of a user in our environment. I would like to start creating security policies to control staff members access to resources based on their AD user rather than IP address and then further to that leverage groups. Long term of course the idea is to leverage AD groups...

ldap_group_mapping1.png
ldap_group_mapping2.png

Site to Site VPNs HA

Hello team, currently we have 2 VPN S2S, one as primary and the other one as secondary.Primary uses our primary ISP againts primary ISP from my peer, tunnel10, static route metric 10Secondary one uses our secondary ISP against secondary ISP from my peer, tunnel11 static route metric 11.This is the enviroment, so both VPNs are active but all the ...

PA-NGFW Sizing

Hello, I’m new to firewall sizing and would appreciate some expert guidance. Could someone help me understand the process to follow, the key questions to ask, and the important factors to consider when sizing a data center or edge firewall?

static route with path monitor down not removing BGP route

Hello, I am having issues with trying to get failover setup between vendor routers. We have vendor provided routers at our hub site and at one of our branch sites. We would like to have the traffic be routed to the branch vendor router in the event the hub vendor router is offline. I have setup a static route on the hub firewall to the hub vendo...

vendor-router-failover.jpg

A Good Way to Document Firewall

Hi all. im about to documentate our firewalls (palo). We have serveal firewalls, and need to get complaint with some docomentation of our firewalls. We are on bare ground and are starting from scarts. any recomendation og template to start from,?

LGTV and Netflix bugs out when going through Palo Alto

Hi. I have worked with Palo Alto for about 15 years, but now I have run into a really weird problem at home with my lab PA-440. I recently changed from PA-415 to PA-440 at home, and after that, my LGTV (2024) and Netflix on my Xbox console just stopped working. The TV can connect to WiFi, but can't access internet, it's own App Store and so ...

AntonHS by L0 Member
  • 1562 Views
  • 2 replies
  • 0 Likes
  • 24381 Posts
  • 123 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks