General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 221 Views
  • 0 replies
  • 0 Likes

Migrate Panorama from VMware to AWS

Has anybody migrated Panorama from on prem to AWS? There are a few options that are available to us, and I am trying to decide which option is the best. Also, if you can list any "gotchas" during the migration that would benefit us, that would be rea

...

Fr4nk4 by L2 Linker
  • 3470 Views
  • 2 replies
  • 0 Likes

Resolved! IPSEC ON SECONDARY ADDRESSES

Hello,

just a little question it is possible to terminate a vpn-ipsec with a secondary adresses on external interface or I must use the main interface?

thks,

ALex

alle by L3 Networker
  • 3935 Views
  • 3 replies
  • 0 Likes

Resolved! SSL forward-proxy certificate import

I've gerenated a CSR to give my enterprise CA. Now, I've recieved the enterprise CA-signed certificate ann imported it onto the firewall.

The status reads "valid". The "Key" box is checked, however the "CA" box isn't. 

Also, when I select the certifica

...

Geoblocking Missing

We are on 8.1.21 - When creating a geoblocking rule I do not have the option for 'Regions' in my rule drop down.  Is this due to my version OR do i need to upload a geoblocking list [how?]

 

thanks!

NAT before IPSEC

Hi folks,

 

We have a vendor requiring a public IP for the encrypted traffic.  Their guidance is based on Cisco configurations using "NAT before IPSEC" configurations.  Can anyone share/link a guide for this configuration on Palo?  Currently on PAN-OS

...

dmz data flow

Hi,

 

Please advise 

Hi,

I have a design flaw . I am trying to test dual dmz . dmz server the gateway is on the dmz firewall . 

If the server in dmz wants to send data to dc server it has to go back through the same switch 

 

How to avoid this ? 

 

And also,

...

dual dmz.PNG
simsim by L4 Transporter
  • 3716 Views
  • 7 replies
  • 0 Likes

Resolved! GlobalProtect MAC Address Filter?

Hello folks,

 

I am being asked if GlobalProtect could be locked down to only except a specific list of MAC addresses (our corporate laptops) only.  

 

I see information about Device Block list or HIP configuration.  I don't really want to specify a bloc

...

OMatlock by L4 Transporter
  • 10868 Views
  • 6 replies
  • 0 Likes

Resolved! Unable to Commit

I've just changed the configuration of the management ip address, but can't commit the change. When I attempt to submit it I get the following error:

 

admin@PA-3050# commit


...
ID population failed
Error: id 10630 is outside allowed range [1-3583]
(Module

...

  • 23614 Posts
  • 107 Subscriptions
Labels