General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question. Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

JayGolf_0-1691518400714.jpeg
JayGolf by Community Team Member
  • 2901 Views
  • 2 replies
  • 14 Likes

Resolved! CLI commands to add a device in devicegroup as master device

Hi Team,

 

I found some command to add a device in device group and template but couldn't find how to set a device as master device in device group with CLI,

Tried to search cheat sheet but the information/commands are not available.

Is it possible or th

...

Srikant by L1 Bithead
  • 3288 Views
  • 1 replies
  • 0 Likes

Dual ISP, PBF traffic not returning

I have two ISPs configured with path monitoring and I can successfully monitor the primary route and fail over to the secondary, however what I would like to do now is use PBF to always send some of my traffic out the secondary ISP.  Everything I've

...

NAT.jpg
PBF.jpg
Traffic.jpg
Cooper80 by L0 Member
  • 2145 Views
  • 2 replies
  • 1 Likes

unable to block google chrome updates

I blocked 'google-update' app in firewall rules but I still see some of the users' browsers getting updated. I can't find any helpful logs for those users. 

 

Please let me know a solid way I can blocked google updates on Palos.

 

TIA.

Resolved! HA down PA-220

I've a pair of PA-220 configured as cluster. After power off - on HA is down. But I can connect to both firewalls via https & ssh.
Active fw1 shows that HA ports 7 & 8 are down (red in GUI). On passive firewall fw2 all ports are grey.
But the real stra

...

ChrisCon by L2 Linker
  • 3358 Views
  • 3 replies
  • 0 Likes

Certificate renewal impact before expiry

In Palo Alto some certificate are expire in this months. Request you to help us to know will there be any impact at user end if certificate expires and we renew on firewall before expiry.

SurajN by L2 Linker
  • 2230 Views
  • 2 replies
  • 0 Likes

Resolved! tunnel monitor works improperly

hello

 

I am trying to enable the tunnel monitoring for an IPSec tunnel(not sure what device the other end is using) and got very interesting result.

The proxy id config is

local:172.16.17.3/32

remote: 146.48.211.0/24

 

My client subnet 172.16.2.0/24 will b

...

DongQu by L2 Linker
  • 2670 Views
  • 1 replies
  • 0 Likes

Automation of GlobalProtect installation

Hi all,

 

I am trying to automate the deployment of GlobalProtect software in laptops with Ubuntu installed and I have faced an issue not easy to explain. The operating system is being deployed automatically in chroot mode, and one of the last steps in

...

What does it means Stage e Events GlobalProtec Fields?

Dear, we are doing a large and hard troubleshooting to forensic analysis into our company, so we need know more information about the "GlobalProtect Stages and Events columns Logs Monitor".

Example: what it means the stages: before-login, tunnel, host

...

rennersf by L0 Member
  • 1621 Views
  • 1 replies
  • 0 Likes

GRE passthrough

Hi,

 

we have a site on an already trusted zone, we require to allow GRE traffic through the FW to enable our wireless access points communciate back to the wireless controller (aruba). I have created a custom security policy to allow this gre and papi

...

DForde by L1 Bithead
  • 1803 Views
  • 2 replies
  • 0 Likes

DNS security service review

Hello all,

 

has anyone tried DNS security service on Physical NGFWs? Does it provide any additional benefits compared to the regular Anti-spyware protection with Threat licensing?

 

Please post your reviews. TIA.

  • 24016 Posts
  • 99 Subscriptions
Top Solution Authors