General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question. Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

JayGolf_0-1691518400714.jpeg
JayGolf by Community Team Member
  • 2957 Views
  • 2 replies
  • 14 Likes

Resolved! PA UID LAB not working correctly

Hi Everyone,

 

I am currently having issues trying to get UID to work on Eve-NG using PANOS 9.0.4, it is a only a EVAL license but everything is working except for UID.

I have followed agentless guide to setup and AD server is connected to the PA as per

...

Vimz888 by L1 Bithead
  • 3093 Views
  • 4 replies
  • 0 Likes

SDWAN and Tunnel Monitor config

Hi All,

 

I'm trying to get my head around SD-WAN and tunnel monitoring, specifically SD-WAN AutoVPN creates Tunnels with tunnel monitor turned on with a destination IP of the other side of the tunnel and the Tunnel Monitor profile set to sdwan-default

...

KevinJB by L1 Bithead
  • 2980 Views
  • 1 replies
  • 0 Likes

Retro-fitting standard SD-WAN into existing firewalls

I want to deploy hub-spoke SD-WAN into my existing routers, but it says you must do it through Panorama.  It then wants me to create a template, add the router, interface, etc. and basically define everything to do with SD-WAN in Panorama.  The probl

...

Advertising default route in OSPF Totally Stubby Area

Hello,

 

I've setup an OSPF Stub area with the below options on the ABR:

 

- Accept Summary [ unchecked ]

- Advertise Default Route [ checked ]

 

However if I look at other neighbors in the area they are not received a default route pointing to the ABR. Is

...

NobleNOC by L0 Member
  • 2156 Views
  • 1 replies
  • 0 Likes

Device groups out of sync for multiple firewalls

After importing a new firewall into Panorama all of the other firewalls are now showing out of sync. I believe it's because the box was checked that says "import devices shared objects into panoramas shared object context". When I tried to push to de

...

Slade34 by L0 Member
  • 1592 Views
  • 1 replies
  • 0 Likes

Palo Alto Globalprotect performance optimization

Palo Alto have released a great article how to optimize the remote VPN by removing the tunnel when the user logs out.

 

 

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000PP3ICAW

 

 

I may also add that somethimes ipsec works bette

...

Tunnel interface show "Red"

Hi,

As iam facing the issue with  Passive firewall as interface status show "Red"

 

Moreover Tunnel monitoring is already disable still it's show red. As on the active firewall the it's show green,

Can you please advise.

 

Joshan_Lakhani_0-1616928688768.png

User-id redistribution not working

I have user-id successfully configured on a fw, and i am trying to redistribute these mappings to panorama 

 

We are using the integrated Panos agent, 

 

i have created the the user-id collector name/pre-shared key on redistribution tab of the User-id Ag

...

Resolved! API call to panorama how to register DAG?

When registering IP's to Tags on panorama, do you have to specify a target or device-group or serial number in your call?  How does that match/registration actually occur?  Do you have to specify a "location   device-group"  in the call?

 

<uid-message

...

Sec101 by L4 Transporter
  • 3377 Views
  • 5 replies
  • 0 Likes

What is "'service':Off" in chassis.leds on PAN-OS 9.1?

Hi,

I found out a new item in 'chassis.leds' on PAN-OS 9.1.
There is not shown on PAN-OS 8.1.
Anyone know what does it mean 'service':Off ?

- v8.1
>show system state filter chassis.leds
Chassis.leds:{'alarm':Off, 'fans':Off, 'ha':Off, 'log':Off, 'status':G

...

Mt_103 by L2 Linker
  • 1536 Views
  • 1 replies
  • 0 Likes

NAT issue for accessing ICMC service from google

We have 4 production servers are accessing ICMC service which is hosted in following URL “pubsub.googleapis.com”,

 

If all 4 servers in common NAT rule then there is a time-out error observed which caused ICMC service failure.

 

We have tried change the

...

gasin1 by L1 Bithead
  • 2005 Views
  • 4 replies
  • 0 Likes

Global Protect Users Experiencing Telnet Disconnects

I wanted to see if I can get some help with some session termination problems that I am experiencing for Global Protect users. Our remote users connect to an on-prem ERP systems through telnet, tcp/23.  I recognize that this protocol has inherited pe

...

CCullhaj by L1 Bithead
  • 2497 Views
  • 3 replies
  • 0 Likes
  • 24037 Posts
  • 99 Subscriptions
Top Solution Authors
Top Liked Authors