General Topics
Showing results for 
Search instead for 
Did you mean: 
General Topics

Forum Posts

Happening in June: The Complete Zero Trust Network Security Event

Greetings everyone, Don't miss Palo Alto Networks' Complete Zero Trust Network Security event coming up in June. This event will cover the following points related to the newly unveiled Zero Trust Network Security: Secure access to the right applicat...

jdelio by Community Team Member
  • 1 replies

Resolved! GlobalProtect, Working from Home, Prisma Access and Covid-19

To all, Just wanted to post a message about the Hot Topic right now, which is Covid-19. With all of this going around, everybody's health and safely is the utmost concern. Keeping your hands clean, washing your hands (A LOT), using hand sanitizers, a...

jdelio by Community Team Member
  • 41 replies

Resolved! HA failover if Running Config is not synced

If on Active Passive PA both shows running config not sync Say failover happens for somereason or we trigger the manual failover bgy suspending the active PA will then Passive PA becomes active and start passing the traffic even though running config...

MP18 by Cyber Elite
  • 2 replies

Is it secure ?

Hello allWe have configured GP REMOTE ACCESS VPN with OTP authentication.Ones we try to connect to Portal it failed to pass at the first time only second time.In Radius server we see that it tries to authenticate first the Ldap account then VPN accou...

Radmin_85 by L4 Transporter
  • 3 replies

Resolved! ha syn failure - url filtering

on passive PA we are seeing ( description contains 'No synching file to peer because local state is not Active (Passive).' ) is this normal?

MP18 by Cyber Elite
  • 2 replies

Resolved! Revert configuration through CLI

Hi Team!.I have been testing in a PA. But I can not go through webgui, it gives me certificate error.How could I revert the configuration through CLI ?. I have saved a snapshot, but how could I load it through CLI? regards

syn without window-scale option

Hi community, i am trying to access a website from LAN side of palo alto, even though correct policy is configured, tcp handshake was not complete. after packet capture i am able to find below points client sending syn packetbut i am not able to get ...

Deleting Panorama templates

Hi, A firewall has been configured with a template from Panorama, the template was then deleted from Panorama.Can i safely remove the template from the firewall without deleting the config applied through the template?

Empty "File URL" in "Data filtering"

Hi,I applied the default "basic file blocking" profile to the policy that allows users to access the Internet.In the "Data Filtering" monitor I can see few files being blocked (EXE files for example), but I can't see the full URL of that file (the "F...

AMoretti by L1 Bithead
  • 4 replies

pre-stage changes in Panorama

Is there a good way to pre-stage changes using Panorama? Sometimes I have needs to make a rather complex set of changes in various areas, but I don't want to commit them to the firewall for days or even weeks. Is there a good way to handle this? I kn...

Force URL filtering for AnyConnect Users?

Hello - I'm looking for some way to force AnyConnect VPN users to go through the PAN which is on the inside for URL Filtering. A couple of caveats:- Can't move to GlobalProtect because of ISE integration with AnyConnect. - Want to use PAN for URL Fil...

zac_hg by L1 Bithead
  • 0 replies

Failover Link Monitoring too long

Hello guys, I have 2 plao alto configured with HA Active/passive mode. On both firewall, I configured link monitoring on link group with ethernet 1/11 and ethernet1/13 that are aggregated on Ae1 with condition "ALL". Those interfaces are plugged to a...