General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Global Protect certificate auth user/device information

Currently we have a GP vpn setup for our mobile devices. We have are doing certificate based authentication, certificate is pushed out through an MDM. Basically if your device has this cert, your device connects. Is there a way to capture or pass through connected user information, for example username, email, etc.? Right now when looking at...

Doubt with Subordinate-CA Cert in PA firewall

Doubt with Subordinate-CA Cert in PA firewall Good evening, for issues related to for example decrypt as we need a certificate type CA, we can generate a certificate Subordinate-Ca from for example our CA server enterprise windows, import in our Palo Alto Firewall and as customers trust it, it would be transparent for issues such as the use of...

Metgatz by L4 Transporter
  • 3290 Views
  • 1 replies
  • 0 Likes

twistlock.sh onebox failure

The following warnings are reported when executing "twistlock.sh -s onebox" WARNING: You're not using the default seccomp profileWARNING: IPv4 forwarding is disabledWARNING: bridge-nf-call-iptables is disabledWARNING: bridge-nf-call-ip6tables is disabledInitializing Twistlock environment.Installing Twistlock Console (localhost).WARNING: You're n...

IP Geolocation with Anycast IP addresses

Hi there, I am wondering how geolocation is working with IP addresses where anycast is used. Anycast addresses are shared by multiple server, typically with different locations. How is such an address assigned to a particular country/region in the Geolocation DB? Does anybody know? Thanks, Sylvia

Sylvia2 by L2 Linker
  • 4216 Views
  • 2 replies
  • 0 Likes

Proxy IDs, NAT and IPSec VPNs

Hello, When using IPSec Tunnels with Proxy IDs with NAT to hide source traffic, should the Proxy IDs be set to the Hide NAT IPs and destinations or the original source and destinations? Thanks & regards

How to find IP address of user connecting to GlobalProtect VPN

Hi, can someone tell me how to find the home IP address of a user who has connected to GlobalProtect? I want to be able to audit GlobalProtect connections to ensure that they are coming from the actual home network of the user rather than from the IP address of an attacker. Thanks

FelixO by L0 Member
  • 16859 Views
  • 1 replies
  • 0 Likes

Can't log into Panorama after changing to Panorama Mode

Our Panorama VM was operating in legacy mode due to under provisioning when it was deployed. I recently had its resources increased to the Panorama Mode minimums and activated Panorama mode using "request system system-mode panorama". Everything seemed fine and Panorama rebooted.' It came back up after 10-15 minutes, but I have not been able t...

After fresh install 10.1.6 dns wont work Panorama

Hi guys,did anybody get the same issue like me. After a fresh install of Panorama 10.1.6, dns wont work. I troubleshoot this for a while and find out that panorama not even yet request the dns. I read the Adressed/Known issue couple times but never found related to this issue? how it can be prefered ? If something that basic is not working ?Kind...

API query from panorama to get IPsec tunnel data

API query from panorama to get IPsec tunnel datatried the following queries:http(s)://hostname/api/?type=op&cmd=<show><running><tunnel><flow><all></all></flow></tunnel></running></show>&key=<generated-key>https://IP//restapi/v10.0/Network/IPSecTunnelshttps://IP/api/?type=o...

DNS Resolution stops after ~10s after connecting with GlobalProtect

Hello...Many of my end users are now reporting that after approximately 10 minutes of logging to VPN using the GlobalProtect client they lose DHS resolution to internal and external resources. For example, when this happens. Users cannot access or even ping a server, by either its FQDN or by IP number. In addition, users also report they cannot ...

aimsnss by L1 Bithead
  • 15822 Views
  • 11 replies
  • 4 Likes

ACC is not loading post upgrading to 8.1.23

ACC is not displaying any data, it shows as "in progress". Recently Panorama and managed firewalls are upgraded to 8.1.23 post upgrade we ran into this issue. Tried restarting the management server but it didn't helped. Shall I try restarting the dataplane?Looking for the experts advise. Any suggestion and helps are highly appreciated.

Possible to remove/deactivate my vm-series license which the firewall is offline/unreachable?

My old vm firewall is no longer in used and not connected anymore. Is it possible to re-use the license key on another firewall without perform the deactivation on the VM itself (because it has been disconnected and removed already)? I tried to use the Auth code to activate my new firewall, however it showed error as below. Any ideas? T...

SeanDeHarris_0-1657268581459.png

TCP 443 Web Server Allows Password Auto-Completion

Hello dear community, good afternoon: Please your support: I tell you about an "X" vendor vulnerability scan tool, I detect the following vuln against the IP of the MGT WEB-GUI of the Firewall. Problem,inconvenience, vulnerability against the WEB-GUI/MGT of the firewall directly: Details:Low TCP 443 Web Server Allows Password Auto-Completion...

Metgatz by L4 Transporter
  • 11635 Views
  • 1 replies
  • 0 Likes

Tracing external IPs back to internal IPs at a specific moment in time...

In the course of tracking down security vulnerabilities, I find myself trying to trace External IPs (from external security scan reports) back to Internal IPs at a specific moment in time (the timestamp from the scan report). Most of the time, it's very simple, as many internal IPs are NAT'd 1-to-1 to external IPs. Those tend to stay static. But...

  • 24395 Posts
  • 123 Subscriptions
Top Solution Authors
Labels