General Topics
cancel
Showing results for 
Search instead for 
Did you mean: 
General Topics

Forum Posts

Happening in June: The Complete Zero Trust Network Security Event

Greetings everyone, Don't miss Palo Alto Networks' Complete Zero Trust Network Security event coming up in June. This event will cover the following points related to the newly unveiled Zero Trust Network Security: Secure access to the right applicat...

seattle-launch-live-community-r2b-1100x120.jpg
jdelio by Community Team Member
  • 446 Views
  • 1 replies
  • 4 Likes

Resolved! GlobalProtect, Working from Home, Prisma Access and Covid-19

To all, Just wanted to post a message about the Hot Topic right now, which is Covid-19. With all of this going around, everybody's health and safely is the utmost concern. Keeping your hands clean, washing your hands (A LOT), using hand sanitizers, a...

jdelio by Community Team Member
  • 18131 Views
  • 41 replies
  • 32 Likes

opcmdhistory log missing in PanOS9.1

I noticed that the “opcmdhistory” log disappeared in Panorama after upgrading to PanOS9.1.It was there in 9.0 and previous versions. Do you know why it changed and if the information is in another log file? I was using it for troubleshooting and dete...

batd2 by L3 Networker
  • 165 Views
  • 1 replies
  • 0 Likes

Resolved! Why I see no logs for DoS policies

I am testing DoS policies and have alarm rate set as 1. I did not intend to be that low but I was not seeing logs under monitor for a server that is continuously used. There are flood logs from Zone Protection and they use a different log forwarding ...

image.png
image.png
image.png
raji_toor by L4 Transporter
  • 419 Views
  • 3 replies
  • 0 Likes

How to add static routes on panorama M-600

Hello , We have M-600 Panorama device and we need to get 2 seperate networks :MGT : for firewalls administration and to receiving logs ( this network is isolated from internet)Ethernet 1/2 : a new interface just to make panorama reach internet for up...

Elwess by L0 Member
  • 183 Views
  • 1 replies
  • 0 Likes

Block domain *.*covid*.*

Hi Teamcan we blocked domain in palo alto if domain name contains is *.*covid*.* in palo alto. I was also wondering whether blocking such domain will be better through dns sinkhole or URL filtering.

shubhamG by L1 Bithead
  • 221 Views
  • 2 replies
  • 0 Likes

ISP Router connection best practice

Hi All, Just looking for advise , pros vs cons about connecting an ISP internet feed directly to our core mpls/vpls switch. ISP Internet Router—>adva—>Core Switch(siteA)—>mpls/vpls—>Core Switch(siteB)—> Palo Alto The PA firewall will have a separate ...

MistryJa by L1 Bithead
  • 202 Views
  • 2 replies
  • 0 Likes

Resolved! Cannot install Machine Certificate for GP Pre-logon

I encountered a problem installing the machine certificate.I followed the article below:https://live.paloaltonetworks.com/t5/news/globalprotect-pre-logon-authentication/ta-p/322237 We are using a self-signed root ca that is in the cert profile for au...

ERROR.png
CERT.jpg

SSL Decryption blocking the Google Drive Desktop

Good afternoon, We recently enabled SSL Decryption on our FW and seem to have broken our Google Drive Desktop. We can access Google Drive via web, but just can't access it via the Google Desktop file stream. Anyone experiencing this?

Resolved! Policy based routing

Hi, Do we need a security policy, once the PBR configured in the firewall? OR FW just forward the packet to the Egress interface and not look for the security policy. Thanks.

ChiragP by L2 Linker
  • 262 Views
  • 2 replies
  • 0 Likes

Resolved! Authentication issue with Global Protect

We are having difficulty with our Active/Passive pair of PA_820’s where they are setup to allow auth to GlobalProtect based on AD group membership.If we create a new OU in AD and move a user to the newly created AD OU whilst still having the same gro...

Group Mapping.jpg
Auth Profile.png

Symmetric return with ECMP not working

Hi All, We have dual ISP setup, and to load-balance the traffic we are using ECMP with static routes, and it works fine for the internet bound connections and traffic gets load-balanced. We however face issues with connection to our VPN servers in th...

VarunRao_0-1614133551857.png
VarunRao by L2 Linker
  • 369 Views
  • 3 replies
  • 1 Likes

Globalprotect users cert renewal process?

I have 20 GP users that has certificate check as first factor of authentication. The certs are set to expire in a month. If I renew the cert and export it to them on a USB stikc, will that break the connection until the certs are installed? What is t...