General Topics

Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 191 Views
  • 0 replies
  • 0 Likes

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 873 Views
  • 0 replies
  • 0 Likes

flow_fpga_ingress_exception_err and high latency

Recently deployed several PA-5250s Running 10.1.3 and there is a issue that randomly comes and goes.

Latency for traffic going through the firewalls spikes to 100-500ms. I was able to capture one thing that looked peculiar and that was flow_fpga_ingre

...

category malware with action allowed

Hi,

we use Splunk.

 

We tried following searchstring: http_category=malware | timechart count BY vendor_action

 

We find out that we get back action allowed with category malware.

Is there a failure in the search? The action in our URL security profi

...

Resolved! Allow single user to bypass MFA

Hi All,

 

I would like to access Global Protect for myself using different profile to access one of our resources subnet 10.21.xx.xx.

 

I want to access without having to go through 2FA. Any idea for it? is it possible?

 

Do we need to create another gatew

...

Using minemeld to whitelist Oracle Cloud IP ranges?

I currently use minemeld to whitelist the list of O365 IP ranges etc, but I have not been able to find a miner for the Oracle Cloud.

 

Oracle publishes a JSON file with the relevant IPs (https://docs.oracle.com/en-us/iaas/tools/public_ip_ranges.json)

...

Resolved! SSL Decryption for IoT devices

I am rolling out SSL Decryption for the wired subnets at my office. It's working great for the users since their laptops and devices are on the domain and trust our private CA which is used as the forward-trust cert. I'm running into issues with othe

...

Resolved! Application Override Question

Hi All,

 

I got this question from the learning center for the PCNSE practice exam. Dont know if its allowed to post the screenshot here.

 

 

From my understanding of using the application override, the firewall stops any further content inspection. It wa

...

app-override.PNG

Resolved! VPN Issue on interface subnet change

Hi All,

 

Help here will be appreciated.

I am migrating a pair of PA-5220's to Active-Passive as they are currently Active-Active. First job in the task is to change the interfaces from /30 to /29 subnets. This is to ensure that both firewalls sit withi

...

a.jones by L3 Networker
  • 2875 Views
  • 2 replies
  • 0 Likes

Resolved! Allow a more specific path of a Blocked URL

Hi All,

 

I'm trying to determine if this is possible.

 

We are blocking abc.company.com via an entry in a custom url category which is applied to the internet policy via a URL filtering profile.

 

I need to allow abc.company.com/specificpath while still b

...

epeeler by L2 Linker
  • 5650 Views
  • 3 replies
  • 0 Likes

Resolved! Configure DHCP reservation on Global Protect user

Hello Community,

 

Is there a way on the PALO ALTO that we can do DHCP reservation while using the Global protect client VPN.

As of now we don't have any DHCP relay on the PALO ALTO. The PALO ALTO is the one providing IP address for the global protect u

...

Resolved! Whitelist Java Traffic

Good morning,

I am relatively new to the PA's, but was wondering if there was a way to have a list of URL's & domains to whitelist Java traffic & block everything else?  And if so, can I then write any kind of regex to match specific java versions, sa

...

Site to site vpn issue

Dear Team,

I have one site 2 site VPN tunnel b/w Paloalto and cisco. some time i can see the tunnel is going automatic down and after some time it will come automatically. 

I have checked ikemgr and system logs but i am not able to find exact issue why

...

  • 24007 Posts
  • 115 Subscriptions
Top Solution Authors
Top Liked Posts
Top Liked Authors
Labels