General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Serial port on 4050 not showing output

I picked up a used 4050 on ebay. It booted when I got it and I missed the prompt window to type "maint" so I could wipe it. Now I get no display. I am getting pretty frustrated with this unit. Does this console access acct weird by design? Why did it work at first? Can I pop the lid and go mount the drive in a PC and delete the /ect/config direc...

Migrating PA5020 to PA5220

Hello, I am in the process of migrating an HA pair PA-5020 on version 8.1.22 to PA-5220 that shipped with version 10.1.3. From what I researched the 5020 is end of life and can only go up to OS ver to 8.1.*. My thought was to downgrade the new PA-5220 from 10.1.3 to 8.1.22 and restore the configuration. In the process of downgrading the ...

Migration from PA 220 to PA 440

I am in the process of migrating from a pa220 os 10.1 to a pa440 os 10.1.3. I imported the configuration from the pa 220 to the pa440 I ran into three issues: 1.we are getting 1gig from the ISP and even with Qos disabled we are only getting 150mbps 2. We have a toshiba phone system not IP every thing works except when calling location B across t...

Schedule Export of Configuration Files to Panorama Questions.

Hello. schedule Export of Configuration Files Is it right to extract firewall configuration that functions are linked to panorama? https://docs.paloaltonetworks.com/panorama/11-0/panorama-admin/administer-panorama/manage-panorama-and-firewall-configuration-backups/schedule-export-of-configuration-files I set it up by referring to th...

캡처.PNG
캡처.PNG
qmso475 by L3 Networker
  • 2210 Views
  • 2 replies
  • 1 Likes

Resolved! Found Skillets with errors! Please open an issue on this repository to help resolve this issue // odd output

I tested two newly created implementations of Linux, Docker and Panhandler using the Iron-Skillet day one configuration for a firewall (i.e., full XML configuration for NGFW). Is the odd output I received due to the Skillet error messages (Could not find included Skillet with name...)? If so, how can I resolve this issue?

Skillet full panos v10.1.png
Checked out new branch.png

Resolved! url filtering vs advanced url filtering license ?

Dear All, What is the difference between url filtering vs advanced url filtering? is Wildcard FQDN (like *.microsoft.com is supported in an Advanced URL Filtering license? does Advanced URL Filtering include everything you get with normal URL filtering? Thank you

Commit Errors on 1st Push

Hi, I have had to replace a PA-VM as the old one died. I have licensed it & imported it into Panorama, but when I try the initial push of the cfg it errors and fails- Details:. Validation Error:. network -> interface -> tunnel -> units -> tunnel.100 -> ip -> None None is an invalid ipv4/v6 address. network -> interface...

CraigAddison_0-1674640811972.png

Global Protect

Hello Friends, I need some advice for my next steps to solve the problem. My problem: I got User ID mapping with Radius, and everything works fine. But, when I create a policy for example (source IP XXXX for xxx users (VPN users) destination IP xxxx action deny, my policy not acting. And when I initiate traffic from specific source IP, I am fa...

Resolved! Policy

Hi All, Can we configure a single policy , giving user-id's and few different IP address as source.Will both mentioned user id's and IP address are able reach the destinations which was allowed.

Sujanya by L3 Networker
  • 2424 Views
  • 3 replies
  • 0 Likes

User-id and office365

Hello Community! We currently use Exchange logs for user-id to map users to IP address's so we can use AD groups for policies, etc. How do you do it when exchange is not on prem and you're using office 365? We used to use domain controllers, however the exchange was quicker at the resolution and any changes to IP's etc since outlook constantly a...

Resolved! How to get PCNSC Statue

Hello, Does anyone knows, how can you get PCNSC Statue? I passed the PCNSC exam in January and since that time I did not received it yet. I seen pictures on Instagram and on Linkedin that people received it after one month. What do I have to do to get it. I would like to know what is my number :). Please help if someone knows what is the next st...

Pawel_G by L1 Bithead
  • 4234 Views
  • 3 replies
  • 0 Likes

Disk Partition Explanation

Hello all, is there any guide how to read disk-partition on firewall? i see that the logs on the firewall is panlogs, but i still don't know what the other partition function. and why the panraid/ldl is high than the other partition

DennyChanditya_0-1674535023208.png

Resolved! Change forward decrypt trust cert to a new one.

I have forward ssl decrypt running and I want to change the cert I use. Can only have one forward trust cert at a time. If I deselect forward trust box I get commit error because my ssl decrypt policies don't have a forward trust cert. I can't select forward trust on the new cert until the old cert has forward trust deselected. So now what do I ...

djon by L1 Bithead
  • 5376 Views
  • 4 replies
  • 0 Likes
  • 24397 Posts
  • 123 Subscriptions
Top Solution Authors
Labels