General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Recently purchased 2nd hand PA-3050

Hi All, I recently bought a PA-3050 from my local auction house. Unfortunately I was not provided with an IP address of the MGMT interface so I am unable to connect to the device. I have gone through some of the usual default IP's however none of them appear to work. I have connected a serial to USB cable in and gone through each baud and no...

Adding Multi-Vsys firewalls into Panorama | issues, steps, and guides

Hi LIVEcommunity, I hope this article finds you healthy and well. A few months back I ran into a few road-blocks and "gotchas" when trying to add an existing multi-vsys firewall into Panorama and manage the firewall with a proper Template stack. There aren't any documents about this process, so I thought I would share my experience - I hope this...

JD-SECD by L1 Bithead
  • 5482 Views
  • 2 replies
  • 2 Likes

User-ID Agent - [Error 115]: Cannot open security log for DC..

These errors just don't make sense to me, I have followed everything as required. I am currently doing this in my lab and I'm stuck with this error about permissions, I have given permisions for event log readers, server operators and distributed com users. Any ideas on what's missing? I have installed the agent on win7 and the AD is on win srv ...

HA running configuration not sync

Hi Team We are facing the issue with HA running config not synchronized >> We have restarted the both active and passive firewall management server and push the configuration by execute the cli command 'request high-availability sync-to-remote running-config' but its showing as " Failed to synchronize running configuration with HA peer"....

Resolved! Endpoint protection IOT Question

What exactly is the purpose on the "endpoint protection" section listed under the inventory list in Palo Alto IOT cloud integrations? Is that just a section that shows you what devices are covered and which aren't? Or is this a section that actually suggests what type of endpoint protection to use on the given IOT device?

Sec101 by L4 Transporter
  • 3276 Views
  • 3 replies
  • 0 Likes

Intermittent sites not loading

Having issues with palo alto pa-820. Some times when users try to load sites they just don't load. Wait some time and site usually loads. Some times it is fine, loads fast, users not getting any errors. No changes made to cause issue. Thinking it is something with dynamic updates? This started on the morning of 12-04-2022.

IT_Fleet by L1 Bithead
  • 4917 Views
  • 7 replies
  • 0 Likes

HA Cluster Topologies and experiences

Has anyone had some hands on experiences with the new clustering features? I've read a bit on them, but like the post below, am struggling to make sense of the actual functionality/workability of the finer details needed for this setup as to how it exactly functions for multi data center scalability. Curious as to how the addressing scheme wo...

Sec101 by L4 Transporter
  • 5651 Views
  • 5 replies
  • 0 Likes

Default security rules, hit count and Apps Seen

Hi, I'm noticing a weird behaviour with default security rules "intrazone-default" and "interzone-default": For "intrazone-default" I can see how many apps have been seen by the rule, but if I click on the "Apps Seen" link nothing happens;For both "intrazone-default" and "interzone-default", if the firewall is connected to Panorama, I can't see ...

emyl_79 by L2 Linker
  • 3412 Views
  • 1 replies
  • 0 Likes

DNS Query Enchancement

Running PANOS-10.0.9. In GP Network>GlobalProtect>PortalsUnder App -Resolve All FQDNs using DNS servers assigned to by the tunnel(Windows Only) is Yes by default.I cant see these dns logs in Traffic logs?

isingh by L0 Member
  • 2237 Views
  • 1 replies
  • 0 Likes

Global Protect monitor

Good afternoon, I'm trying to understand the behavior of the global protect client as it pertains to session expirations. I'm getting a message "remove previous user" message. I'm trying to determine what that means as I'm used to seeing the "user session expired" message in the logs. What triggers the "remove previous user" flag? Is this u...

danoman2 by L3 Networker
  • 2593 Views
  • 2 replies
  • 0 Likes

SSL decryption issue with PIP

I have added the URL to the exception list with no luck. Any suggestions? C:\Users\Steven Williams\AppData\Local\Programs\Python\Python38>pip install Flask-SQLAlchemyWARNING: Retrying (Retry(total=4, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY...

Allow one Youtube Channel but block all other Youtube video

Hi , I have searched the available articles, I couldn't find a proper solution perhaps LIVE member could help me on this There's online learning platform which I need to allow all videos from this site, the training videos are embedded with Youtube linksANDin the current firewall we have block all Youtube videos. I have found the Youtube channel...

webserver service stopping

webserver service in palo alto stopping after certificate renewal and trying to access GUI. CLI is working. Tried restarting webserver service and management plane. But its stopping as soon as we try to access GUI and unable to access

  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels