General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question. Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

JayGolf_0-1691518400714.jpeg
JayGolf by Community Team Member
  • 2967 Views
  • 2 replies
  • 14 Likes

GobalProtect setup accross multiple standalone FWs in Azure

Hi All,

 

current setup more or less..

 

                                      |---PAN FW1---|

internet -->--- Ext LB----                         ---Int LB--------Azure Env

                                      |---PAN FW2---|

 

PAN FW1 and PAN FW2 a

...

PA_nts by L3 Networker
  • 851 Views
  • 7 replies
  • 0 Likes

Export/import tool using set commands

"Hello to the Palo Alto Networks community,

After conducting research on the tasks of exporting and importing configuration file in PA-VM version 10, I've learned that using file transfer protocols like TFTP and SCP allows for the export and import o

...

RChan39 by L0 Member
  • 189 Views
  • 0 replies
  • 0 Likes

PA-3220 after upgrade into 10.2.6

Experience applications flow issue, most of the sessions incomplete (i deleted all active sessions with no resolution), reboot, fail-over several times, no luck. I opened a ticket with Tech support for advance packet flow process analysis no resoluti

...

elmgbar by L1 Bithead
  • 644 Views
  • 5 replies
  • 0 Likes

DH group 15 not supported in phase 1 with IKE v1?

I need to migrate an old firewall to a PA-440 and came across an ancient IPsec where they have used DH group 15 for both phase 1 and 2. According to the docs for PanOS 10.2 DH 15 is now supported but the 440 whines about DH15 in phase 1 as I use IKE

...

Resolved! License renewal

Please confirm if the expired PaloAlto licenses can be renewed?

If “YES”, Please confirm which of the expired PaloAlto licenses can be renewed?

not able to open support case

Hi,

 

When I try to open support case error message coming up saying "Problem Category is missing".

 

Although I select the product as PAN-OS while creating the case.

 

BR,

Alaa

aasaggaf by L0 Member
  • 243 Views
  • 1 replies
  • 0 Likes

Best upgrade practice with HA Pair ?

We are preparing to update this weekend to 10.2.7 to resolve the expiring root certificate issue. We have an HA pair that we want to failover while upgrading as to not disrupt service. While I have the upgrade path from the Palo documentation what I

...

Walt by L1 Bithead
  • 347 Views
  • 1 replies
  • 0 Likes

Setting Up Double NAT over a site-to-site VPN

Hi,

 

I've been trying to read up on if it is possible to set up what Cisco would call "Twice NAT" on Palo Alto, and while there seems to be a lot out there for really odd fringe cases, I'm struggling to find anything on what I think would be a reall

...

Jamin79 by L0 Member
  • 509 Views
  • 3 replies
  • 0 Likes

BGP failover not working as expected

Hi

 

Our PA 220 is running 2 eBGP's  with 2 CE (WAN) routers.

Those 2 CE routers will run eBGP with respective ISP's. 

 

We control the routing through Local preference. 

 

Routes learned via primary CE 1 has LP of 500

Routes learned via secondary CE

...

Paloalto can't block hotspot shield.

 

Dear all,

 

I am currently facing paloalto can't block and see hotspot shield app.

Our organization do not want to use ssl decryption to block hotspot shield.

 

Any other solutions to block hotsport shield without decryption ???

 

 

Thanks.

 

 

zm.tun by L1 Bithead
  • 5740 Views
  • 8 replies
  • 0 Likes

Panorama Upgrade

Hi Team,

I am setting up a new Panorama. Where not even created the Device Groups and Templates yet. I need to upgrade the Panorama but i am not able to do that. I am able to reach internet but unable to fetch the softwares, is there anything that ne

...

Resolved! LACP MAC Movement and Doubts

Dear Folks, 

 

First time I'm deploying PAs with LACP active/passive for HA solutions. I have some doubts couldn't get enough information from Internet source. 

 

1.  In the event, if one firewall goes down, PC on SW1 goes down, how this mac and arp

...

Ramakrishnan_3-1702285551757.png
  • 24037 Posts
  • 99 Subscriptions
Top Solution Authors
Top Liked Authors