General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

BGP Peer & Route Advertising

Hi All, I have followed a few guides but cannot manage to get a /30 RIPE subnet advertised to our ISP. I have followed the following guide for route distribution, however, i cannot see them in the Local RIB and RIB out tables. https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000Cm2ICAS Any help is greatly appreciated. Ou...

DForde by L1 Bithead
  • 2348 Views
  • 1 replies
  • 0 Likes

Easy way to copy a policy from one firewall to another?

Good afternoon! I have a set of Palo Alto PA-820s and 850s that I'd like to converge their configurations. For instance, have the same whitelist or blacklist policy outlines that I can add or remove websites, countries, and so forth. I see I can share policies between virtual routers, but is there an easy or easier way to copy a policy from o...

SSO Kerberos setup for Admin

I have been able to set up Kerberos for explict userid/password entry at the logon screen. Now I am trying to setup SSO. I at least get to the Click the button to login as [email protected]. Yet when I proceed, I get Not Authroized. System log shows 'Authorization failed for user '[email protected]' vs the explict login that shows a login for 'u...

Resolved! Captive Portal not working on Google Chrome, Edge, Firefox on PAN-OS 10.1.0

Hi Team, We had upgraded the firewall version to 10.1.0 Then captive portal is not working on firefox, Edge, Chrome. It is working only on Internet Explorer older versions only. Not working on any other browsers. checked all the settings from knook and corner but no config issue and when the client intiates the sesion it is terminated with redir...

tamilvanan_1-1636734849181.png

Practical XFF usecase

XFF for user-ID - Displays IP as 'x-fwd-for: x.x.x.x' format Seems to me just an investigation help feature maybe can even block a particular IP/s if used in security policy as a source user, haven't tested this. XFF for Security Policy - Gives ability to block or allow based on IP in XFF. XFF IP's can be allowed/blocked used in security po...

raji_toor by L4 Transporter
  • 2471 Views
  • 2 replies
  • 0 Likes

Can't activate " VM-Series Bundle 1 Free Trial" from Azure Marketplace

Hi there, I attempt to start to "“VM-Series Bundle 1 Free Trial “ in Azure Marketplace . When I clicked the link "“VM-Series Bundle 1 Free Trial “. It popped 404 not found. Could you advise how to activate it? Besides, I saw that there is a 30-day trial,is it an independent plan from paid services or you only have paid plan and subscribers have...

CiciPeng by L1 Bithead
  • 9745 Views
  • 9 replies
  • 0 Likes

Resolved! caddies for a 5200 and 2500

Hi i am looking for caddies that fit a PA-5250 and a PA-3220 firewalls i can find replacement the replacement drives looking for parts numbers for them original was where damaged in moving. Please can someone help me with this as i need these caddies for the drives to work

CIT1977 by L1 Bithead
  • 2842 Views
  • 3 replies
  • 0 Likes

PA-450 License Issue

Hi Team, Is there any known issues with the License Tab in PA-450 as our new firewall is not showing anything on the license TAB. I have added the devcie in the support portal but to fetch the license i am not able to see anything in the tab. I upgraded the device from 10.1.0 to 10.1.8 just to check if it helps but no use. Regards, Sanjay S

Process cp-path_monitor received user event hbUpdate

Dear Team, I'm using 9.1.12 PAN-OS Recent firewall has temporarily switched certain interfaces to 'non-function' with the logs below. masterd_apps.log Process cp-path_monitor received user event hbUpdate 60 0.0938 I would like to know what the log above means. If anyone has had a similar experience, please share with me Thanks in advance...

Resolved! Memory utilization used by the current data plane among all allocated memory

Hello all,I was asked by the customer if there is a command to check the memory usage rate used in the current data plane among all allocated memories.

And I found the following command, and is it correct that the config memory here means the entire memory? > debug dataplane show cfg-memstat statistics https://knowledgebase.paloaltonetworks....

Setting up DUO MultiFactor on GlobalProtect and allowing AD password resets at the same time

Hello all, I am currently trying to set up my GlobalProtect portal to allow my users to reset their passwords when they expire. I was able to do that by setting up my RADIUS profile with PEAP-MSCHAPv2 however now my users are not getting the DUO pushes anymore. It was previously working with the DUO authentication proxy. I need to be able to s...

Is it possible to apply "IP Address Exemptions" into Security Profiles based on the IP of the x-forwarded-for header?

Hello. all. Is it possible to apply "IP Address Exemptions" into Security Profiles based on the IP of the x-forwarded-for header? https://docs.paloaltonetworks.com/pan-os/10-0/pan-os-admin/policy/identify-users-connected-through-a-proxy-server/use-xff-values-for-ip-based-security-policy-and-logging You can configure the firewall to use the...

  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels