General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Threat Vector, a Unit 42 Podcast, is Now on LIVEcommunity!

We have some exciting community news to share: Threat Vector, a Unit 42 podcast, is now on LIVEcommunity!

 

Threat Vector is your compass in the world of cyberthreats. Listen to this biweekly podcast to learn about unique threat intelligence, cutting

...

jforsythe by Community Team Member
  • 327 Views
  • 0 replies
  • 0 Likes

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question. Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

JayGolf_0-1691518400714.jpeg
JayGolf by Community Team Member
  • 3683 Views
  • 2 replies
  • 14 Likes

Single-homed interface configuration VPN?

Dear all, 

 

Wanna get rid of my existing VPN gateway (single-homed interface configuration) in DMZ (already have another two-tier FWs in between) in replacing with new PA-series without changing the network topo. Only client-to-site VPN is required.

 

A

...

Can't access management console

I made a big mistake and not sure how to correct it.  We have a Palo Alto Firewall.  I wanted to white list an IP address so my PCI Scans would not fail.  I found an article but it seems it lead me a totally different direction.  It had me put the IP

...

bobvaal by L0 Member
  • 3240 Views
  • 3 replies
  • 0 Likes

Resolved! HA Link and Path Monitoring

Hello everyone

 

We have configured active-passive HA on a pair of 5220

 

I have configured link monitoring

 

I need to migrate the HA links of the FW , all except the backup HA1 management one.

 

What would be the best procedure to prevent them from becomin

...

Alpalo_0-1631634199084.png
Alpalo by L4 Transporter
  • 2235 Views
  • 1 replies
  • 0 Likes

Now Open: Papers for the Ignite'21 Conference

Hi everyone,

 

I wanted to let you all know that Palo Alto Networks is now accepting Papers for the Ignite'21 Conference! 

 

Palo Alto Networks is looking for speakers and presenters with highly technical backgrounds who can share their experience an

...

jdelio by L7 Applicator
  • 2414 Views
  • 1 replies
  • 2 Likes

Custom report analyse trafic on object

I want to check all my object addresses with zero traffic to clean up my flow rules.

Can I replace my sources and destination IP with an "all IP" setting ? 

Can you help me ?

section "Query Builder" does not work (see image)

 

 

 

navaro06 by L1 Bithead
  • 3269 Views
  • 7 replies
  • 0 Likes

Resolved! How to make Eth Interface gray

Hello,

 

For testing purpose, I added VR and Zone to Eth Interface1/3. I have removed everything from it but in the Dashboard it shows Red color. This creates confusion as some think the interface is down even though nothing is connected to it. 

Is ther

...

Gray.PNG

URL Categories vs URL Filtering

Multiple questions - Recently we've found that traffic not within a URL category specified in a rule is being allowed. The rule appears to be allowing the traffic as the session starts and ends with the action of allowed determined. Would using the s

...

CBeaver by L0 Member
  • 5901 Views
  • 2 replies
  • 0 Likes

Resolved! Decryption issue

We have outbound decryption working but there are few sites that popup that donot work from time to time and have to add the to exceptions.

 

I am trying to investigate a recently highlighted website and to learn how to troubleshoot this better.

 

If I r

...

image.png
image.png
image.png
image.png
raji_toor by L4 Transporter
  • 2972 Views
  • 3 replies
  • 0 Likes

Resolved! QOS per device

Is there a way to limit /throttle qos per device?  Outside of making a QOS rule per subnet or ip host?  I know on some platforms there is a way you can limit every client to a max of 500kb/s per device.   Is there any easy way to do this with the fir

...

Sec101 by L4 Transporter
  • 1635 Views
  • 1 replies
  • 0 Likes

Resolved! Migrate from PA-500 to PA-220

Hi All,

 

We are planning to migrate from PA-500 to PA-220, and there are some concerns to verify.

 

Here are our current versions.  My concerns are,

 

1) How we can match the OS/Content versions with the new PA-220?

2) What will be the migration procedure

...

KosalaBandara_0-1618979777307.png
  • 24193 Posts
  • 100 Subscriptions
Top Liked Authors
Labels