General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Palo Alto OSPF Graceful Restart

Is Palo Alto's OSPF Graceful Restart checkbox on the virtual router roughly equivalent to Cisco's NSF IETF method? If I do this on a Palo Alto: And this on a Cisco... Q:Should it work? enableconfigure terminalrouter ospf process-id [vrf vpn-name ]nsf ietf [restart-interval seconds ]endshow ip ospf [process-id ] https://www.cisco.com/c/en/us/td...

birkhojk_0-1656355347224.png
birkhojk_1-1656355562602.png
birkhojk by L2 Linker
  • 5334 Views
  • 1 replies
  • 0 Likes

Comment column for custom url categories?

IP lists for edls have:https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/policy/use-an-external-dynamic-list-in-policy/formatting-guidelines-for-an-external-dynamic-list/ip-address-list#idd44a975a-a94a-4398-864e-5cf223f1d351Is there a way to add a comment to why a specific URL was added into an already existing custom URL category? Li...

Sec101 by L4 Transporter
  • 3573 Views
  • 4 replies
  • 0 Likes

Whitelisting a url with 2 different ip address

Just wanting to make sure I am doing this properly so it works how its accurately. I am trying to whitelist 2 different IP's and a single url https address. I am trying to do this for a specific group of users on the firewall are able to access it and not a huge group.

Resolved! PBR/PBF to DMZ then Internet

Greetings!As title suggests, I'm trying to implement PBF to the specific destination network in Internet through a server residing in DMZ. There are three zones configured: Inside 10.0.5.0/24 - from where traffic is initiated DMZ 10.0.22.0/24 - where intercepting server is connected. Plain Linux with net.ipv4.ip_forward = 1Outside 2.2.2.2/30 - f...

Flang3r by L2 Linker
  • 4391 Views
  • 2 replies
  • 0 Likes

Logs not been sent to dedicated log collector by some firewalls

Hi All, I have an interesting issue of most of my firewalls not sending logs to the log collector. Have only a 20% success ratio with successful log collection thus far. I see the below in the below: Log Collector : 000710004755Conn ID : lr-10.95.87.8-2Connection IP : 10.95.87.8Conn Source IP : lr - ...

GlobalProtect agent error message "ERROR_WINHTTP_CLIENT_CERT_NO_ACCESS_PRIVATE_KEY"

Hi all, I deployed the GP agent and user was authenticated by client certificate, most users wroks, but some users cannot pass the authentication and get the following error messages in PanGPA.log: (T1356) 06/08/18 13:39:53:722 Info (2559): PanWinhttpCallback(dwInternetStatus=WINHTTP_CALLBACK_STATUS_REQUEST_ERROR, this=0000029E2C99C820)(T1356) 0...

Resolved! WildFire analysis report rabbit images

Dear Team, When my client clicks on the WildFire analysis reprot, they see the rabbit image as shown below. Has anyone had the same experience as me? I would like to know the cause of the symptom and how to solve it. Thanks in advance,Kyungjun,

CHOEKyungJun_0-1656037901157.png

Resolved! Traffic cannot return

Hi Folks I have the next topology. The problem is the return traffic when I connect via GlobalProtect and I get a client IP 10.81.235.x. This IP cannot connect with a web server that is in the LAN, but this LAN is external through a data link routing.In the other side, owner of web server 192.168.36.38 they don't want to include subnet GP 10.81....

apazmino by L1 Bithead
  • 5959 Views
  • 4 replies
  • 0 Likes

Resolved! reaching Session Count Limit

Hello, what exactly happens when the firewall reaches the Session Count Limit? Discard the new sessions? and above all as regards the globalprotect VPNs are impacted?In my scenario I have two 5250 PAs working in HA Active / Passive and corporate VPNs go through globalprotect, I was wondering what happens if the FW reaches the session limit. Than...

porq91 by L1 Bithead
  • 5429 Views
  • 1 replies
  • 0 Likes

SNMP OID for identifying if an power supply had failed or removed from the firewall

Hi Team, We have an PA-5260 deployed in our environment. We need to get alert on our SNMP Manager when the Power supply to the firewall failed or the power supply had been removed from the firewall. Downloaded the Enterprise MIB file but not able to find the MIB OID for monitoring the power supply. Thanks in advance.

Issue with network driver of PAN-OS 10.1.3 deployed in azure

Hi Folks, We have an PA-VM-100 series firewall deployed in the Azure cloud. We have three NIC cards mapped to the firewall interfaces which is configured as below:NIC card 1 <-----> Management interfaceNIC Card 2 <----> Untrust interface(Ethernet 1/1)NIC Card 3 <----> Trust Interface(Ethernet 1/2) Recently we had upgraded the f...

Global Protect Redundancy

Hi, I would like to set up Global Protect VPN on 2 sites, and have a round robin redundancy between them.i.e. user1 logs on the GP VPN and connects to site A, then user2 connects to GP VPN and connects to site B, and so on... Is this possible? regards,

"You have been logged out due to unknown reason"

Any idea what causes this or how to investigate it? I can see the event as "User Me logged out via Web from My_IP" in the System Monitor tab. Happens intermittently otherwise I'd look at this: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClvyCACThis latest time, I did notice that "'Installed antivirus package: panu...

logged out.PNG
  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels