General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Threat Vector, a Unit 42 Podcast, is Now on LIVEcommunity!

We have some exciting community news to share: Threat Vector, a Unit 42 podcast, is now on LIVEcommunity!

 

Threat Vector is your compass in the world of cyberthreats. Listen to this biweekly podcast to learn about unique threat intelligence, cutting

...

jforsythe by Community Team Member
  • 79 Views
  • 0 replies
  • 0 Likes

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question. Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

JayGolf_0-1691518400714.jpeg
JayGolf by Community Team Member
  • 3327 Views
  • 2 replies
  • 14 Likes

Security Advice on SSH & SSL/TLS week ciphers

Hi Team,

 

I have few queries to be addressed.

 

We have changed the SSL/TLS version using CLI to TLS 1.2 but when we run the scan we can see TLS 1.1 is also running at the back-end. We need to check which SSL/TLS version is running using CLI of the Fire

...

Restoring Configuration Between Platforms?

Is it possible to restore a backup configuration from say a PA5000 series to a PA3000 series?  I know there are obviously interface differences between the platforms, and I couldn't find any recent documentation explaining if this is possible.

 

Than

...

Policy audit comment in cli

Do you know how can we configure and view Panorama security policy audit comments in the cli or another way for bulk applying comments to policies. 

I will modify policies in bulk using the cli set commands, but also want to add audit comment to all t

...

batd2 by L4 Transporter
  • 2939 Views
  • 3 replies
  • 0 Likes

Active cluster

Hello ,

 

We have a customer having Active /active cluster .  The Panorama lies in another country : The nodes of cluster use the traffic interface ( and not management interface)to reach Panorama , and at firewall we do the NAT , so that on Panorama 

...

Resolved! Upgrading from 3220 to 3250

Is there a means of copying all configuration from a 3220 PAN to a 3250 including the certificates? 
The main impetus to upgrade would be to accommodate more Global Protect tunnels (2048 instead

of 1024.) I'm trying to understand what that migration mi

...

File types need to block

The file type is malicious as per the swift advisory 2021, that need to be block on the Palo alto Firewall.

File Type .gmu,.ekt, .jpn,.er,

SurajN by L2 Linker
  • 1756 Views
  • 3 replies
  • 0 Likes

Global Protect Single/One login Portal/Gateway

Good afternoon, I have a question:

 

I have Global Protect configured and operating, operating correctly Portal and Gateway.

When one uses the Global Protect App, it always asks 2 times for login, I understand that one is in the Global Protect Portal an

...

Metgatz by L4 Transporter
  • 2012 Views
  • 1 replies
  • 0 Likes

Timeout on syslog sourced User-ID mappings?

Greetings all,

 

Taking another look at our user-id mappings with our server team today and we've landed on trying 90 minutes for AD.  We set this on the agents installed on two of our AD servers and the firewall is showing the new logs coming in as ha

...

jsalmans by L4 Transporter
  • 1821 Views
  • 2 replies
  • 0 Likes

PCI DSS testing failure

We are using SecurityMetrics to test for PCI compliance and have recently started receiving a failure based on TCP/IP Initial Sequence Number (ISN) Reuse Weakness (CVE-2002-1463) for the PaloAlto firewall (5.0.8).

I'm not sure how to remedy the proble

...

  • 24124 Posts
  • 100 Subscriptions
Top Solution Authors
Labels