General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

JayGolf_0-1691518400714.jpeg
JayGolf by Community Team Member
  • 847 Views
  • 1 replies
  • 8 Likes

PXE boot not working through FW

Hi all,

I have a FW with PanOS 9.1.7 that is causing PXE boot issues with TFTP protocol.

When traffic is not routed through the firewall it all works and I have seen several threads about this problem but no solution.

 

DHCP server: Windows Server 2012 R

...

PA equivalent of ASA packet tracer?

One of the more useful features in troubleshooting on the PIX/ASA (which we used until recently) is the packet tracer, which allows us to enter source/destination IP/port, etc and check to see if a given connection is allowed or blocked, and by which

...

Resolved! Azure HA not coming up

Do I need license to test Azure HA scenario. I am following all the steps but HA1 doesn't come up.

I don't have any licenses. And doing a test run of implementation as HA active/passive.

Default 10.0 gets installed with BYOL, but we don't have license

...

raji_toor by L4 Transporter
  • 1795 Views
  • 2 replies
  • 0 Likes

Resolved! Finally have pre-login working - but now

I'm excited to finally have pre-login working per the logs below. But after the successful certificate based pre-login, 

portal-getconfig fails. On the pan the error message is "Failed to get client configuration". Any advise on how to troubleshoot th

...

MichaelMedwid_0-1620266069104.png

SSL Decryption Issues - MacOS Big Sur 11.2.3

We have had SSL decryption configured since we deployed Palo Alto firewalls and it works with little issue on our Windows OS platforms. We have a new project to deploy a few MacOS clients as the application development team requires the ability to te

...

How long time will need to prepar the PCNSA

Hi everyone


 I would like to prepare the certification  PCNSA.

My idea is to pay the tax exam as soon as posible will make force me to study the exam. I would like to know how many hours and time will need for I am going to the exam.

 

Regards

 

 

Athan123 by L0 Member
  • 2698 Views
  • 2 replies
  • 0 Likes

Resolved! 2 ISP NAT question

Hello,

 

we have 2 ISPs . .

Static route with metric 10 for the 1st one and another static route with metric 20 for the second one .

We have 2 nat rules for LAN. 1st one is via ISP1  and 2nd is via ISP2.

So when we change the default route we need to reor

...

stef by L2 Linker
  • 1514 Views
  • 1 replies
  • 0 Likes

PA Destination NAT

I have a use-case that all subnets/VLANs should be able to access the server (192.168.4.4) via HTTP using the loopback IP address 192.168.6.2/32.

 

The PA firewall is the gateway for all the VLANs. I would like to confirm if this is possible? The sourc

...

Nikko by L1 Bithead
  • 1677 Views
  • 2 replies
  • 0 Likes

Resolved! Aplicação incompleta

Galera, boa tarde.

 

Estou com um problema bastante confuso, tento acessar um determinado site "HTTP" é recebo a erro (Não é possível acessar esse site), realizamos um teste fora da nossa rede é o acesso é realizado normalmente.

 

Analisando os LOGS veri

...

Lucaaslr_0-1620676620608.png
Lucaaslr by L0 Member
  • 1569 Views
  • 1 replies
  • 0 Likes

application

 

Guys, good afternoon.

 

I have a very confusing problem, I try to access a certain "HTTP" site and I get an error (It is not possible to access that site), we perform a test outside our network and the access is done normally.

 

Analyzing the LOGS, I fo

...

Lucaaslr_0-1620677681082.png
Lucaaslr by L0 Member
  • 1789 Views
  • 3 replies
  • 0 Likes

User-ID only tags IPv4 or IPv6 address in dual stack

I've got the User-ID agent installed on three servers and I've recently began enabling IPv6 internally and I've noticed a problem.  The traffic logs in Palo Alto only associate either the IPv4 address or IPv6 address of a machine with a username depe

...

Lcroce by L1 Bithead
  • 3578 Views
  • 3 replies
  • 1 Likes

Getting the SpeedTest.net servers with MineMeld

This is less a question needing an answer and more a "so you don't have to go through my pain" type of post.

 

I was having a problem with SpeedTest.net where the suggestion of a server for testing was taking over a minute to appear after the rest of t

...

RuscalR_1-1620663473061.png
RuscalR by L0 Member
  • 2368 Views
  • 0 replies
  • 0 Likes

can MineMeld be installed on ubuntu 20.04?

I'm getting this error, how do i get around it?

 

$ sudo apt install -o Dpkg::Options::="--force-overwrite" -y minemeld
Reading package lists... Done
Building dependency tree
Reading state information... Done
Some packages could not be installed. This m

...

Thyrion by L2 Linker
  • 3619 Views
  • 2 replies
  • 0 Likes
Top Solution Authors
Top Liked Authors