General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 1202 Views
  • 0 replies
  • 0 Likes

Why Did Strict IP Address Check Break this VPN?

We have been working with TAC to find the cause of this issue where FTP client could no longer upload to external companies FTP server over the VPN tunnel.  After many days, we started a packet filter on the Public Internet (WAN) interface, which is

...

ms.jzam by L2 Linker
  • 20056 Views
  • 30 replies
  • 0 Likes

Resolved! refresh external dynamic list real time with cli

Hi,

I need to update in real time the external dynamic list IP. 

Looking for this doc https://docs.paloaltonetworks.com/pan-os/9-0/cli-reference/pan-os-9-0-configure-cli-command-hierarchy.html and cli command "find command keyword",didn't see any comma

...

Resolved! FIPS Failure upon boot

One of devices was not properly shut down due to a power outage in a building.  When the device started back up, it appears that it entered maintenance mode.  The reason is FIPS failure.  I have attempted to reboot the device from maintenance mode an

...

BryanSG by L0 Member
  • 9648 Views
  • 2 replies
  • 0 Likes

Globalprotect 5.2 Cookie Issue

Hello 
We just upgraded our GP from 5.1.7 to 5.2.10

We have a gateway with SAML authentication
We have some connections issue with a message "already logged in" from the Identity Provider

I think this is due to the new feature "Default System Browser for

...

QoS max egress, no effect

Hi there,

 

I'm playing with QoS in our lab. I have a simple setup with two queue, first for SMB traffic, second for RDP traffic.

The max egress value is set, but when I transfer data, then both queues get bandwith values.

 

What I am doing wrong here?

 

 

 

...

PA QoS Monitor.png
PA QoS Profile.png
PA QoS Policies.png
Netzer by L3 Networker
  • 2301 Views
  • 2 replies
  • 0 Likes

site to site VPN on TP-link --- PALO ALTO ---- AWS

 

As of now STORE router/POS1 able to reach the head office(PALO ALTO) via site to site VPN and HeadOffice(PAN) to AWS also working via site to site VPN. But our main goal is that POS1/Store able to reach the AWS network. As of the momment POS1 not ab

...

IPSEC S2S store to HO to AWSrev1 .jpg

global protect connectivity issue (version 5.2.10)

Hi Team,

 

We have facing the connectivity issue on GP Agent 5.2.10.

 

After turning off the windows firewall, it's connecting.

 

Please let us know how we can achieve this without disabling the windows firewall. Because in earlier versions of GP client we

...

VishnuPS by L3 Networker
  • 2654 Views
  • 2 replies
  • 1 Likes

User-ID Agent not mapping users

Hello,

 

Im trying to configure User-ID Agent.

 

Dedicated users is created, with details acroding to: Create a Dedicated Service Account for the User-ID Agent (paloaltonetworks.com)

Agent version: 10.0.4-23

Agent is installed on Windows Server 2019.

DC's a

...

mgwozdz_1-1644489742592.png
mgwozdz_2-1644489787346.png
mgwozdz by L1 Bithead
  • 2339 Views
  • 1 replies
  • 0 Likes

Path Monitoring Static Routes

Hello All,

 

For some locations we have 2xISP setup, since we have no dynamic peering with any of those, we do a default static route via each of those. Having 'ECMP/Source IP hash' enabled it works just fine in a lab. We also do path monitoring for ea

...

Dynamic DNS Bind server updates from DHCP

Curious if the PA-3220 we are looking to use can dynamically send DNS updates to our Bind9 server whenever a DHCP request is granted from our PA DHCP scope we've setup? I know we can get a linux version of DHCP on our Linux server, but would rather l

...

tfleming by L0 Member
  • 2688 Views
  • 2 replies
  • 0 Likes

Decrypted traffic via firewall.

I don't have any decryption policy configured.
But I see port -443 traffic has decrypted flag yes in Traffic logs.
Is it normal for firewall to decrypt 443 traffic even when there is
no decryption policy?

PANOS0-9.1.10 VM-300

  • 24173 Posts
  • 117 Subscriptions
Top Solution Authors
Top Liked Authors
Labels