General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

License Credit Usage per Firewall

In order to accurately bill our customers, we would like to have a breakdown of credit usage per firewall. I was able to retrieve a list of all firewalls from our panorama instances and also the credit pools and how much is used in total from palo alto API. However, there doesn't seem to be an obvious way to break it down further. Is this tec...

"Only self signed CA cert can have identical sub and issuer fields" when uploading a certificate

This message appears when uploading an external CA certificate to the sistem. "Only self signed CA certificates can have identical subject and issuer fields". It's a Microsoft-adfs autosigned CA certificate used to sign SAML messages and we can't not change that, you know if there's any way to upload this certificate to the system in order we ca...

Resolved! BPA API Query Error

With the impending demise of On Demand Best Practice in Strata Cloud Manager coming fast on 31 March , has anyone seen this error before when trying to do a on demand bpa via the AIOPS for NGFW Best Practice Assessment API. The error is error_code 1210 description is "Failed to associate AIOPS instance with TSG" but Aiops doesn't exist anymore...

Unable to ping to Secondary ISP IP from Primary ISP IP

Hello Everyone, I'm using two internet connections: a primary ISP and a secondary ISP. Is there a way to ping the public IP address of the secondary ISP from within the local network? I would appreciate it if you could share the configuration steps. Thank you so much!

URONMAPU by L1 Bithead
  • 722 Views
  • 4 replies
  • 0 Likes

3200 dual power packs

Is the purpose of the 2nd optional power pack for redundancy? If connected to a separate PDU, does the optional one automatically supply power upon failure of the primary? Is one actually primary? What is preventing over-power from both supplying? #paloalto3200

james by L0 Member
  • 243 Views
  • 1 replies
  • 0 Likes

Palo 3020 dagger logs

I've done a private reset to the palo, ive done a factory reset to the palo. After logging in, the command I try putting in is show interface all. comes back as server error: Error Occured: See dagger.log for information. I then type the command to view the dagger logs, "less /var/log/mp-log/dagger.log" same when i try using "tail" and I get a I...

Resolved! License needed for SD-WAN dashboard on Strata cloud manager

Hi, I need to confirm what is the license needed for SD-WAN dashboard on Strata Cloud Manager. This part of the document informing that SD-WAN dashboard is supported by Strata "Cloud Manager Essentials + Strata Logging Service" or Strata Cloud Manager Pro https://docs.paloaltonetworks.com/strata-cloud-manager/activation-and-onboarding/str...

how to erase this "Warning Expired Certificate Check" PA-1410 version 12.1.6

Hi team, I would like to ask if there is any way to erase this Warning Expired Certificate Check. According to different articles, we can ignore due to the fact that it is not affecting traffic or something else. Moreover, I already checked the certificates and all of them are valid, and default trusted certificates showed me a lot of certifica...

F.Pinar by L3 Networker
  • 398 Views
  • 1 replies
  • 0 Likes

Need to block WINSCP application but want to allow ssh

Hi Team In sec policy I have allowed for some users only RDP and SSH application. But these users are able to use WINSCP application because WINSCP application also using port 22. I want to block winscp application but allow ssh application. How can we achieve this ? Please help us. RegardsMohammed Asik

  • 24390 Posts
  • 123 Subscriptions
Top Solution Authors
Labels