General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! Most stable version of GlobalProtect Client with linux support?

Good Morning All, I'm relatively new to the PA world, we recently moved away from Meraki MX devices and have upgraded to a PA820 for our main office and PA220s for satellite offices. I have a couple of linux users that are having issues with not being able to use CLI tools and the menus are scaling strangely in 5.2.6.What do you folks see as the...

Firewall collects huge number of syslogs into a giant file then sends it causing delays.

We are having a huge problem with only one of our syslog destinations. Instead of sending the syslogs as they are generated, the firewall is collecting them into a huge file (10-40GB) and sending this a few times a day. This is ridiculous and is making the syslogs useless. It is only doing this for one of 4 syslog servers. Percent utilization of...

Resolved! Unable to See Rule in Output of Running Config

Hello. I have read only access to our firewall and in the past could do the command show config running and see all the rules in use. Now, I don't see near as many as used to. If I go to the web GUI and Monitor tab for instance, there is a rule named APP34-ROW-09-PAN that's actively allowing or denying traffic. If I search this in the cli ou...

c89217 by L1 Bithead
  • 3909 Views
  • 4 replies
  • 0 Likes

Log at session start??

Hello everyone,What I read the best practice is to enable log at session end, is there any use case to enable log at session start?any thoughts?thanks

Host machine behind Palo Alto VM firewall

Hello all,I am running PAN-OS 10.0.1 VM series firewall in VMware workstation. Currently I have a windows 10 VM machine behind the firewall. My interfaces are set to eth1/1 is the outside interface which is set to my home network. Eth1/2 is my inside interface which is set to a 172.x.x.x/24 subnet. I have a default route point to my home route t...

Owen1 by L0 Member
  • 2693 Views
  • 2 replies
  • 0 Likes

GlobalProtect OTP (Googleauthenticator)

Hi,I have GP configured using LDAP for authenticating. Now i would like to configure LDAP with OTP (Google authenticator). So i have several questions:-Its possible to configure LDAP+Google authenticator? is there any procedure o manual to help?-In order to not impact in the current GP connection. Its mandatory to use another public IP for this ...

BigPalo by L4 Transporter
  • 2198 Views
  • 1 replies
  • 0 Likes

External GP Authenticate LDAP + Radius (Google Auth)

Hi Folks. aAnyone know if the integration to external GP users to LDAP and Radius integrtion works in the same process?I probe the integration between Palo Alto - Google Authenticator trough RADIUS and it works perfectly. But now I need to integrate the same with LDAP in the entire authentication process. So customer wants: GP user opens and aut...

RPerez11 by L0 Member
  • 3438 Views
  • 2 replies
  • 0 Likes

Panorama Template Variables

Hi All Hope everyone is keeping safe. I'm in the process of adding a HA pair into Panorama, will use single device template and single template. To do this I need to set some variables, such as Hostname, Peer1 IP, Management IP address. I cant find the list of variables anywhere.....Only ones I can find is $ha_peer_ip & $ha_device_priority ...

NAT/PBF behaviour

Hi, I am having some trouble successfully creating a NAT/PBF combination. Long story short...: We have an office with two WAN switches that have IP addresses in the same range as that office LAN WiFi IP range. Thus if anyone in the office or on their VPN tries to SSH to these switches the core switch routes it back to the LAN as that is where th...

NAT1.PNG
NAT2.PNG
PBF1.PNG
PBF2.PNG

Site-to-Site Palo Alto VPN is Failing

I apologize if this is posted in the wrong message board. It is unclear to me where I should specifically be asking this type of question. I configured a site-to-site IPSec VPN between two Palo Alto's and they are both failing on Phase 1 and Phase 2. The local addresses are in the same IP address range and I am not able to change them. A test V...

  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels