This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Requiring a certificate for security policy to control access

I have been tasked to lock down access to our devops environment for developers over VPN. Developers using non-corporate assigned assets (workstations & laptops) will only be allowed access to their desktop workstations in-house over RDP. Developers using corporate assigned assets can access all services on the devops network (source repos, ...

How to allow VMware Workstation created VM's to work on physical PA-820?

Hi,My home setup includes PC with multiple NIC's and a VMware Workstation that has my virtual lab (Windows domain controller, 5 ESXi 7 hosts, VCSA and some other stuff) This is licenced via VMUG programme.My main PC goes through one of NIC's direct to PA-820, VMWorkstation is 'bridged' to one of other NIC's I have. Separate subnets. Have create...

20220705-PA_NAT.JPG
20220705-PA_secpolicy.JPG
R.Tryba by L1 Bithead
  • 2552 Views
  • 1 replies
  • 0 Likes

Panorama template push fails unless a device group is pushed with it.

When committing a template only change from panorama to managed firewalls in a HA pair the commit fails. When committing a template change along with a device group change it succeeds.Template only changes commit fine when being pushed down to managed standalone firewalls.All devices are running PAN-OS 10.1.5-h2Reviewed the panorama logs along w...

External DNS resolution for specific domains

Hello, I am trying to look for a solution to an issue we have whereas we don't want to add routes from Azure (via ExpressRoute) to an on premise for public IP's for which Azure devices need to connect to via a Palo Alto firewall and across a VPN to a 3rd party. At the moment we have configured an FQDN NAT on our Palo Alto firewalls (where the c...

StuartS by L1 Bithead
  • 2633 Views
  • 1 replies
  • 0 Likes

Remove Multiple Saved Config files from CLI?

I recenlty received an alert for /opt/pancfg at 80% full. It looks like there must be a bug in a PAN-OS version that seemed to be saving off configs every hour, with a random naming convention of "5rkswfabcbep_5syszjl7hw0j.txt" There are hundreds of these files dating back to last year. It doesn't work when you try to specify a wildcard (*) to...

Global protect enforcer and public wifi captive portal

Dear community, We have deployed Prisma access Global protect [agent 5.2.9], enabling network enforcer and captive portal detection [ 10 min timer and captive portal message].We are experiencing mixed results with users getting an error web page when joining the public wifi.We are able to get more consistent results when network enforcer is disa...

Allowing PIA VPN in home network

Hi all,Quite new to managing NGFW, please be patient.I have PA-820 looking after my home network, no domain, few computers, using it to learn more than anything else, but since I have it want to use it fully.I want my Private Internet Access VPN to access Internet without decryption, I am failing to make that exception.Protocol I want to use is ...

R.Tryba by L1 Bithead
  • 4565 Views
  • 2 replies
  • 0 Likes

Palo Alto Firewall VM

I have installed a Palo Alto Firewall VM trial version. Now whenever I have tired to login / after successful login it is suddenly going to runlevel 0 and shutting down.

PAN-PA-5220 Purchase

Dear All, I am planning to purchase PA firewall 5220 for our Datacentre. and came across below modelI am not mistaken then I need to purchase PAN-PA-5220-DC i(f DC power supply) and PAN-PA-5220-AC ( If AC power supply) However I am clueless for what purpose I need to purchase below modesl? PAN-PA-5220-DC-OSSPAN-PA-5220-AC-OSSPalo Alto Networks P...

IPSec Tunnel fails after 1 packet

Hi Guys, We have a number of Palo Alto firewalls at our satellite sites configured in a Mesh VPN. Site A, Site B, and Site C (Internal) all work successfully.Site C DMZ can establish a tunnel to all the other sites, however as soon as the VPN is used, it immediately stops working. Site C Internal and Site C DMZ are different Virtual Routers runn...

Basic Setup.png

Log Forwarding - multiple instances of same catgory?

In Log Forwarding Profile I have URL Filtering/All Logs going to a log collection server. But for URLs of a phishing category I want those to be emailed. I tried to do this by creating a second profile match list profile URL Filtering/phishing. But it doesn't seem to be working. Any advice on how to have some go to email while most go to log se...

Admin credentials were not changing

HiWe have 2 PA-850They are working in HA modeWhen i got the handover they gave the admin credentialsThe secondary was always activeWhen i tried to login to the passive one the admin password did't workAt the end i logged in with the initial password created on first deployment 2 years agoAnd it was not changing from Web or CLIThe issue fixed aft...

Ask Your Questions Now! Cyber Elite Ask Me Anything (AMA) Event

Ask your questions now through June 30 as the LIVEcommunity Cyber Elite Experts will be available in a Q&A session for an opportunity to learn, join in, ask questions, and meet our experts! The Ask Me Anything (AMA) Event will be an opportunity to ask our Cyber Elite Experts questions about a range of technologies, solutions, and how they ca...

jennaqualls by Community Team Member
  • 2218 Views
  • 1 replies
  • 0 Likes
  • 24381 Posts
  • 123 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks