General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 759 Views
  • 0 replies
  • 0 Likes

GlobalProtect Android version 13 issue

Global Protect login continues to fail on Version 13 Android.

 

It seems to have been caused by Android security enhancement issues.
 
created it with SHA 384 but I can't log in.
 
"The network connection is unreachable or the portal is unresponsive,
...

qmso475_0-1701243435266.png
qmso475_1-1701243590189.png
qmso475_2-1701244110530.png
qmso475 by L3 Networker
  • 2471 Views
  • 11 replies
  • 0 Likes

EST Enrollment over Secure Transport

I use certificate based IPSec VPN Tunnels that rely on Certificates.  The Certificate Authority i use supports EST to allow for automated enrollment similar to SCEP.  Is there a way to configure Pan-OS to work with EST instead of SCEP?  I have not be

...

Resolved! Regarding Security Advisory CVE-2024-3393

Hello Team,

   I have recently upgraded my pa-1410 firewall to panos ver. 11.1.4-h7, because its preferred version so far.

Today I have received this advisory link ...

https://securityadvisories.paloaltonetworks.com/CVE-2024-3393

I have DNS Security

...

Resolved! Failure to install Apps and Threats

Model PA-3050
Software Version 9.1.16
GlobalProtect Agent 6.1.0
Application Version 8692-7955 (03/30/23)
Threat Version 8692-7955 (03/30/23)
Antivirus Version 4401-4918 (03/26/23)
WildFire Version 757322-760771 (04/06/23)
URL Filtering Version 20230406.2015

...

Kali by L2 Linker
  • 4295 Views
  • 5 replies
  • 1 Likes

about transparent

sorry for bothering you all. I'm new to computer networking. And while I'm building my own system, I'm having some trouble.

MODEM (internet) --- Firewall Palo Alto --- Laptop. This is the model I'm building myself. I was going to use transparent mode

...

Palo Alto Global Protect

Hello. 

   I am looking to setup and use Palo Alto's Global Protect feature; The question I have is if I have only 1 egress port (WAN) port that is public-facing, can I setup my Global Protect on that egress port or do I need to use another port for

...

ITSMC24 by L1 Bithead
  • 549 Views
  • 2 replies
  • 0 Likes

For those that seek to get SSH Proxy working

Searching the internet it seems that people are looking to enable SSH Proxy and not finding answers. I managed to get it working but must say that the current supported SSH decrytion parameters for all PAN-OS versions aren't the most secure ones so y

...

Untitled1.png
Untitled1.png
Untitled2.png
Untitled2.png
Han.Valk by L2 Linker
  • 481 Views
  • 1 replies
  • 1 Likes

GlobalProtect access to local LAN devices

I am fairly new to Palo Alto devices.  We are in the process of testing the GlobalProtect client and have set it up without split-tunneling.

I have confirmed this works for web browsing (get the PA NAT address), but we are still able to get to all lo

...

rgreens by L2 Linker
  • 17593 Views
  • 12 replies
  • 0 Likes

Onboarding to Passive HA to Panorama

Hi Everyone,

I need advice on how to onboard the passive HA to Panorama. The Primary is already on Panorama but upon checking, it doesn't belong to a device group yet. I have read some documentation on how to onboard a local firewall to panorama, but

...

N.MANTUA by L1 Bithead
  • 516 Views
  • 2 replies
  • 0 Likes

Resolved! Replicating vSwitch NIC status to a NGFW VM (ESXi)

Greetings all,

 

I wanted to see if anyone has successfully replicated the status of a host NIC attached to a vSwitch to a Palo Alto NGFW VM in ESXi 8? 

Right now, all ports always remain up because the virtual switch they are attached to remain up. I

...

Resolved! Deep Packet Inspection and SSL Certificate

Hello, newbie here. One of our clients asked me: 

 

"We have an exchange server which is on site.  We need to renew the ssl certificate, I was told that if the Palo Alto firewall performs deep packet inspection, we need to supply the ssl certificate

...

N.MANTUA by L1 Bithead
  • 1803 Views
  • 4 replies
  • 0 Likes
  • 23984 Posts
  • 115 Subscriptions
Top Solution Authors
Top Liked Authors
Labels