General Topics
cancel
Showing results for 
Search instead for 
Did you mean: 
General Topics

Forum Posts

New LIVE AMA event, LIVEcommunity Team Roundtable!

If you are curious to know more about how the LIVEcommunity works, have a chance to chat with community team members, or ask a non-technical question? Now’s your chance! The floor is open for all you burning questions now through June 24. The LIVEcom...

ama-graphic.png
jdelio by Community Team Member
  • 207 Views
  • 0 replies
  • 4 Likes

Resolved! GlobalProtect, Working from Home, Prisma Access and Covid-19

To all, Just wanted to post a message about the Hot Topic right now, which is Covid-19. With all of this going around, everybody's health and safely is the utmost concern. Keeping your hands clean, washing your hands (A LOT), using hand sanitizers, a...

jdelio by Community Team Member
  • 18439 Views
  • 41 replies
  • 32 Likes

Resolved! Recommended Pan-OS version

I have a 5220 that I am using as core L3 segmentation router for my 500 user environment. Currently running 9.1.3 Pan-OS and What version of PAN-OS is recommended for this scenario. Is it generally advised to install the latest version posted on devi...

Global Protect Enforcement Bypass

Hi All, I understand that this is a Microsoft related matter however I'm interested to see if anyone else has come across this issue. With Global Protect Network Enforcement in place (through the Portal Config), it is still possible for local admins ...

Josh990 by L2 Linker
  • 217 Views
  • 5 replies
  • 0 Likes

Zone Protection CPS Calculations - Make ZERO sense

I have been collecting CPS (total, TCP, UDP, IP) via OIDs using PRTG for ~6 weeks. I have all the data I need (I think). However, the DoS Zone Protection best practice documentation leaves a LOT to be desired as it's not clear. If anyone has tried to...

FIPS Enabled Panorama - Change Management IP

Hello, Is there a best practice, for changing the management IP on a FIPS enabled Panorama M-100?I have a FIPs enabled Panorama M-100. It is configured with a management interface for administrative functions on one network. It is configured with ano...

Roger_K by L0 Member
  • 100 Views
  • 1 replies
  • 0 Likes

How to allow policy destination by URL

Hello, I need know how to allow create policy in PA firewall 3020 and add destination as URL name as (microsoft office 365) instead of adding all IP ranges. Appreciate your help Thanks

mmarie by L0 Member
  • 159 Views
  • 3 replies
  • 0 Likes

Java Cert error due to decryption?

My organization is in the process of moving from one VPN solution to GlobalProtect. We are seeing several applications being unable to run certain features, or run successfully at all, and the error logs appear similar to this (I say similar because ...

FW lose UIA mapping

Hi, We are having a issue in the FW. Suddenly the FW loses the UIA mappings. We upgrade the FW to 8.1.19 in order to avoid any previous bug but the issue repeated. Its quite random. Upgrade was done last 8th June and it happenened today, In order to ...

Captura1111.JPG
jesuscano by L4 Transporter
  • 141 Views
  • 3 replies
  • 0 Likes

NPTv6 seems bugged (PAN-OS 9.1.9)

Hi,we're running into an issue with IPv6 NPTv6 which we use to route traffic through IPS on PA.The address isn't translated as expected.We tried NPTv6 in 2 configurations, both translate the same. We either used:xxxx:xxxx:xxxx:ffe0::/60 -> xxxx:xxxx:...

Freaky by L0 Member
  • 139 Views
  • 3 replies
  • 0 Likes

IPSec Version

For audit purposes we neeed to know if paloalto is using IPSec version 3 or version 2?

Chana88 by L0 Member
  • 127 Views
  • 2 replies
  • 0 Likes

Find disabled administrator accounts

Across a large environment, what would be the best way to audit Palo administrator accounts? That is accounts found at Device > Administrators. For various reasons we all end up with lots of AD accounts, service accounts and so on there, what I'd lik...

collector group with redundancy not working properly

we have configured Panorama M200 in HA , configured managed collector with local log collector , configured collector group and added local log collector of both panorama, redundancy is enabled in collector group (log forwarding preference is not con...

Deepak25_0-1623763316613.png
Deepak25_1-1623763766133.png
Deepak25 by L1 Bithead
  • 240 Views
  • 7 replies
  • 0 Likes

GlobalProtect issue with Enforcer Network Access

Hello, We enabled a week ago the feature enforce network access on our environment.We are using internal host resolution to detect if user is inside or outside corporate network.In a random way, we're experiencing issue with users worldwide. We have ...

VPN IPSec Configuration Disappeared from GUI

An issue where I can’t view any configured IPSec Tunnels in GUI,From CLI, the IPSec tunnels appear normally. Tried failover, restarting management service, even rebooting both Palo Alto units, using different browsers, different computers, and export...