This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Enhanced Security Measures in Place:   To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.

General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 160 Views
  • 0 replies
  • 0 Likes

Resolved! Unable to get internet from inside host

Hello Guys,

Hope all are good.

I have official PA version 10.0.0.8 image which i have installed in VMware Workstation 16 , I have done all the network level things , Security policies and NAT policies however one of the host from inside zone is not abl

...

Migration from 5250HA to 3250HA

Hi Everyone

 

We plan to migrate 5250HA to 3250HA. See if anyone has past experience.

 

5250HA Policy and objects tab are managed by Panorama, All rest is still on local. Main change is interface on 5200.e.g internet or DMZ zone includes 1G and 10G inter

...

dual catergory url checking

hello community.

 

I notice that this site https://www.pokmi.com/ is in dual category for Adult and catagory low Risk.

 

I made an url filtering rules that allow low risk category but that block adult category.

 

when I apply this rules to my traffic I hav

...

fcorfdir by L2 Linker
  • 1497 Views
  • 1 replies
  • 0 Likes

inter-compatibility

Hi All,

 

PA3020 and PA200 are used to form an IPSEC tunnel. Would there be any compatibility issue if we upgrade PA3020 to PANOS 9.1.12-h4 while keeping PA200 on PANOS 8.1.21?

Any known issues if we upgrade PA3020 to PanOS 9.1.12-h4? PA3020 Current Pan

...

ongkai by L1 Bithead
  • 1688 Views
  • 2 replies
  • 0 Likes

Clientless VPN oracle app is not working.

Dear Team,

 

I have configured a clientless VPN. when I open a portal and launch the oracle app it is not working getting the below error:-

 

 

 

Troubleshooting:-

 - I have checked, I can open the same oracle application by an internal network. (Traffic is

...

Jafar_Hussain_0-1584981578187.png

SSL decryption - Connection is not Private

Hi Team,

I am configuring SSL decryption on Palo Alto using a self-signed CA. I have created two certificates, one for forward trust and second for forward untrust. I have installed the forward trust certificate into the trusted root CA of the machine

...

Resolved! Decryption Exclusion methods

From what I can tell there are three methods to exclude traffic from decryption:

 

1) Custom URL Category - Requires a Commit to the device group when adding URLs

2) SSL Decryption Exclusion List - Must be added to each Firewall template and then Commit

...

Resolved! Clarity with wildcards used for custom objects

I'm trying to have a clear understanding of wild cards and ending tokens when using them for custom URL categories. What's the difference in behavior when using *.site.com/  versus   site.com/  ??? The pop-up doesn't seem to mention wild cards in the

...

dgagnon by L1 Bithead
  • 2502 Views
  • 3 replies
  • 0 Likes

PA-5000 SSD replacement

We have 2 PA-5020 working as active/passive. We have dual SSDs configured in RAID and the SSD model on the active and passive device is SSDSA2CW12. We have to replace SSD in active firewall. However the RMA sent is a different model and is of size 24

...

RUNTEAM by L0 Member
  • 1692 Views
  • 1 replies
  • 0 Likes

ECMP Configuration Questions

Hi,

 

New to the board.  I have two WAN circuits going to two separate ISPs.  I would like to run ECMP with weighted round robin over ISP1 & ISP2.  However, I want to verify this can be achieved successfully in my environment.  I have 15-20 VPN connect

...

Resolved! Wildfire Blocking on Informational

On my PAN 3220 which is handling Global Protect I am seeing a lot of Wildfire activity where the verdict for these

file upload is benign, severity only informational but the action is to Block. Any insight as to what might be going on?

 

 

 

 

palomed_1-1643222066995.png
palomed by L3 Networker
  • 2159 Views
  • 1 replies
  • 0 Likes

Resolved! Behaviour of A-URL subscription in PANOS 8.1

Hi all,

Knowing that PAN-DB URL4 license is no longer for sales since last Nov, we have renewed our subscription to A-URL now. After renewal, I can see my other WF, TP licenses have been renewed successfully in Device -> License, however, still  showi

...

  • 23595 Posts
  • 107 Subscriptions
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks