General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! DNS external Global Protect

Good afternoon:

I hope you can help me with this, thank you very much in advance.

I have Global Protect configured as follows:

GP: IP pool 172.16.11.0/24
Split-tunnel Include: 192.100.11.0/24 ( Corporate LAN )
DNS assigned Global Protect: 8.8.8.8.8 and 4.

...

Metgatz by L4 Transporter
  • 5077 Views
  • 5 replies
  • 0 Likes

Multiple domains on PA

Hello ,

 

We have integrated already the AD ( 3 Servers for redundancy)

The User id we are using is the default one which is on the PA FW

 

The domain is  abc.nl  . The setup is working .

 

Now we are building an entirely new domain called abc.es .   migrat

...

Possible to disable SSH CBC cipher and weak MAC hashing?

Hi,

 

May I check if it is possible to disable SSH CBC cipher and weak MAC hashing on Palo Alto Firewall?

If so, may I know how to do it.

 

Had no luck searching for a solution online.

Seems like there is no menu/config file (e.g. /etc/ssh/ssh_config) to e

...

boss82 by L0 Member
  • 14086 Views
  • 3 replies
  • 0 Likes

Move interface to different vsys

Interface ethernet1/1 is currently in vsys1. When I try to change this to vsys2 from Panorama I get the message that the interface is already in use (by vsys1).

 

If I try to remove it from vsys1 in Panorama push is OK, bit it is still in vsys1 on the

...

hncl01 by L0 Member
  • 1472 Views
  • 0 replies
  • 0 Likes

/dev/shm filling up after 10.0.6 firmware

TMPFS partition /dev/shm on the VM series PAN.

 

Typically this is cleared on reboot but after upgrading to 10.0.6 its failed to clear the space on system reboot.

 

We have looked at the other drives on the PAN are there seems to be no capacity issues ot

...

Enable split tunnel for Zoom

Hi

 

We are planning to exclude all zoom traffic from Global protect VPN and currently we are using 4.1.5 GP agent version.

 

I have gone through the zoom documentation and created EDL but not getting option to exclude the EDL (external dynamic list ) in

...

Yusuf_PA by L1 Bithead
  • 5432 Views
  • 3 replies
  • 0 Likes

Resolved! 3250 HA setup

Hello

I am trying to setup HA on a pair of 3250s and am a little confused between what the datasheet says and what's available. Is there an example out there of how to set the ha1-a and ha1-b ports up. I've only done PA-850s and it appears the 850s ha

...

MGMT interface routing questions

When I configure the mgmt interface on its own network and I use the PA for routing, do I need to setup a static route to access the HTTP interface from a different network? Or does a service route take care of this automatically?

 

I have an HA active

...

  • 23579 Posts
  • 103 Subscriptions
Top Liked Authors
Labels