General Topics
cancel
Showing results for 
Search instead for 
Did you mean: 
General Topics

Forum Posts

Happening in June: The Complete Zero Trust Network Security Event

Greetings everyone, Don't miss Palo Alto Networks' Complete Zero Trust Network Security event coming up in June. This event will cover the following points related to the newly unveiled Zero Trust Network Security: Secure access to the right applicat...

seattle-launch-live-community-r2b-1100x120.jpg
jdelio by Community Team Member
  • 446 Views
  • 1 replies
  • 4 Likes

Resolved! GlobalProtect, Working from Home, Prisma Access and Covid-19

To all, Just wanted to post a message about the Hot Topic right now, which is Covid-19. With all of this going around, everybody's health and safely is the utmost concern. Keeping your hands clean, washing your hands (A LOT), using hand sanitizers, a...

jdelio by Community Team Member
  • 18131 Views
  • 41 replies
  • 32 Likes

IPsec tunnels, VPN features & licensing

I have a few PA 200's all with base license ready to install for a multisite company that needs a full mesh all over broadband internet. I am willing to manually configure each IPsec tunnel one by one if that is a free option that does not require ad...

GOOGLE MAPS WHILE BLOCKING OTHER GOOGLE SERVICES

Does anyone have any ideas on how to permit access to Google Maps but block access to all other Google services? I have tried using a rule matching the Google-Maps application however it requires google-base which allows many other Google services. I...

j.moore by L2 Linker
  • 2175 Views
  • 11 replies
  • 0 Likes

Newbie: Local (wildcard?) certificate(s)

I'm running a VM-100 with several zones where I have MS AD / WSUS in one, two zones with lots of wireless device management, another zone for vmware management etc. Every day I run into web browsers yelling about unsecure acces to local device manage...

Resolved! Base ID manager is reset

Anyone run into this issue? It raised a "Critical" log but appears to have occurred during a validate. Having issues finding any references on this alert discription. Base ID manager is reset - System Log

ert.png

Resolved! Destination NAT to other Port

Hey all,there is a ssh server in an internal network. I want to access that server from public, but with source port for example 11111. The server listens on normal ssh port 22.So I would like the firewall to do a port translation from 11111 to 22.Is...

MPI-AE by L4 Transporter
  • 2237 Views
  • 4 replies
  • 0 Likes

Resolved! Query on HA1 link

Hello, We have an Active-Passive setup. The HA1 link in the Active unit shows down (red) if the Link settings are set to auto/auto.If I change the settings to 100mb link, full duplex and link state to up, the port shows up (green).Shouldn't it work i...

Auto.png
Full.png

Need information on DHCP Relay

Hello. To start I had a DHCP server configured on one of the interfaces on our Palo 810 PanOS 8.1.2. The DHCP addresses being handed out were not being registered with our DNS server so I was tasked to make that happen. I figured I would just set up ...

QOS bypass traffic

is there any way to get more info about what kinds of traffic are being classified as "bypass" traffic?i have not found anything in cli, traffic logs or acc.

wlloyd by L2 Linker
  • 973 Views
  • 1 replies
  • 0 Likes

Resolved! Microsoft Windows Auto Pilot and SSL decryption

Hi Everyone, Seems the Microsoft Windows Auto Pilot does not work when SSL decryption is enabled.I tested see no drops on the global counters and nothing on PA PCaps. When disabled SSL decryption it worked fine. Any ideas? Mike

MP18 by Cyber Elite
  • 1295 Views
  • 4 replies
  • 0 Likes

Resolved! User ID mapping when switching between wired and wireless

A lot of my users login into their computers using the wired connection. Then when they are off to meetings, they switch to wireless (without logging out and logging back in). If I turn off client probing, this creates an issue where they switch to w...

MikeC by L3 Networker
  • 1841 Views
  • 4 replies
  • 0 Likes

Resolved! FQDN cache limitations

I wanted to reach out tot he community and see how people are handling FQDN cache limit issues. Example: * Internal DNS caches up to 8 IPs for each FQDN* PAN device will cache up to 10 (source: https://knowledgebase.paloaltonetworks.com/KCSArticleDet...

hshawn by L4 Transporter
  • 2036 Views
  • 2 replies
  • 1 Likes

Authenticating with Captive Portal

I just got off the phone with technical support and the technician said that the only traffic I can authenticate is http/https. Can someone confirm that the use case below is not valid? Here is what I want to do: Use HTTPS to authenticate a user Afte...

joynert by L1 Bithead
  • 2461 Views
  • 12 replies
  • 0 Likes