General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! possible to unblock for one website - Block sessions with untrusted issuers?

Hello,On my "no-decrypt" policy - I couldnt find a way to exclude only a specific site from having an untrusted CA issuer. The only way to solve the problem and to be able to connect the device on our LAN to the website was to uncheck the box on the no-decrypt profile " Block sessions with untrusted issuers" - but now that opens up all of them.

roma by L2 Linker
  • 2937 Views
  • 1 replies
  • 0 Likes

No way to unsubscribe?

The unsubscribe link at the bottom of the newsletter takes me to a page that only has a "Subscribe" button. An unsubscriber should not have to agree to Terms of Use and a Privacy Statement.

Easiest way to find and replace Interfaces

What is an easy way to find and replace Palo Alto interfaces? Let's say for example I am combining a bunch of interfaces such as ethernet1/9 and ethernet 1/10 into an aggregation group (i.e. ae1) and adding these as tagged VLANS i.e. ae1.123, ae1.456 Q: Is there an easy way to migrate over replacing the Interfaces for all the NAT rules, IKE Gate...

birkhojk by L2 Linker
  • 2944 Views
  • 1 replies
  • 0 Likes

Resolved! Wildcard certificate for management interface access

Hi, A client is trying to install a wildcard certificate on their firewall for management access, but is receiving a certificate error in the browser. Is the below the correct way to generate the required CSR for the firewall for a wildcard certificate? Can a certificate with the attributes shown be uploaded to the firewall and work, witho...

BenPrice_0-1646699239332.png
Ben-Price by L4 Transporter
  • 6310 Views
  • 5 replies
  • 0 Likes

SDWAN Failover issue

Dear Team, We Are facing issue in link failover and internet SDWAN we are unable to get the internet using SDWAN so pls align the engineer

Pan Commit Changes By User

An intriguing feature of PAN OS 8.0.9 is the ability to commit your own changes as opposed to all candidate config. This would be great because it's often that two or more engineers will have changes that overlap pending the approval chain. But if I click on Commit Changes Made By (my user ID) - and then try to Preview Changes, I get an error li...

Resolved! GP / PA GUI fault

Hi, I currently have Palo running within a EVENG environment.I have set up Global Protect, the problem seems to be every time I try to log into GP using an AD account. I am automatically logged out of the Palo GUI. Furthermore, the username/password does not even authenticate, even though the un/pw is correct, Has anyone had this problem ? Tha...

Vimz888 by L1 Bithead
  • 3928 Views
  • 3 replies
  • 0 Likes

Pan-OS 10.0.0 series version WebGui working slow

PA-850 model. From last 2 months its working slow we upgraded it to 10.0.6 version. If any have reason behind this please share.Or any one have details from TAC then please share in comment.Our PA 220 and PA 850 model we upgraded with 10.0.6 version and facing slowness issue WebGui page of any tab we click it take time to open. If we click on an...

SurajN by L2 Linker
  • 2441 Views
  • 1 replies
  • 0 Likes

URL Category of Security Policy with destination "Any"

Dear All, I created a security policy as below. However, I find all traffic will go through this policy. Do you have any idea? Thanks Source: AnyDestination: AnyService: 443, 80 and specific portURL Category: Custom (*.s3.amazonaws.com) Peter

PChow4 by L1 Bithead
  • 4369 Views
  • 4 replies
  • 0 Likes

LDAP authentication for CLI

I got LDAP authentication working so that when logging into the Web GUI the microsoft active directory accounts works with no problems. When a user logs into the CLI and tries using their LDAP account the system log shows invalid username/password. the username syntax is <title>.<firstname>.<lastname>.

snormoyle by Not applicable
  • 7208 Views
  • 7 replies
  • 0 Likes

Resolved! url filtering

Hi i have raised a change request for url recategorization but not yet received update from palo alto. It has been 24hours

PaloAlto support account

Hello,I am trying to create the PaloAlto support account to be able to access the support portal, I provided all required informations however I get error and I should contact support, I tried to call the support using the local number in Germany no one is answering. How I am supposed to get your support ?

PA HA with Topology Design

Hello Community,I have two sites, I did an initial design, and I want to make sure that I won't find any problems in real installation*on site 1 (topology1) We found a problem that the distance between ISP installation and IT room more than 200m So we wanted to use a media converter copper to fiber , Is this correct or could it cause a problem ...

  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels