General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 428 Views
  • 0 replies
  • 2 Likes

Resolved! Getting GPG error updating

We installed minemeld a year or two ago and have been running apt-get monthly with no issue. Today running apt-get had CRC errors shown below. I looked through this forum but didn't find anything that looked related. Any help would be appreciated.

T

...

CharlesSFG_0-1627405622967.png

TCP Reset being dropped at firewall

 

 

I have a client accessing a Citrix CAG via a firewall at one site on HTTP that I see traversing the FW, exist out towards the internal PA firewall reaches its destination.  The destination server is sending a TCP RST, we are told to redirect the br

...

Resolved! Multicast issue

AE1.1 is the static RP(10.1.1.1/24) and ae1.1 has 10.1.1.1/24 assigned to it. All the 10.0.0.0/8 routes are served by this sub interface and RP configured on switch is 10.1.1.1

AE1.2 hosts the mcast server and AE1.2 has gateway of 172.16.0.1/24.

Multic

...

multicast.png
raji_toor by L4 Transporter
  • 2740 Views
  • 1 replies
  • 0 Likes

Resolved! Static Bi-Directional NAT translation

Hi,

 

Is it possible to have 2 static bi-directional NAT rules configured for the same public IP address e.g. mapping one public IP address to 2 internal servers using the below linked config?

 

https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/n

...

Ben-Price by L4 Transporter
  • 2657 Views
  • 2 replies
  • 0 Likes

Internal host detection not Working

I have an external Gateway and I wish to setup always-on except when on local LAN. As a test i am doing this on my own username but it seems to always want to connect to external GW regardless of my settings.

 

I have turned on Internal Host detection

...

welly_59 by L3 Networker
  • 9008 Views
  • 11 replies
  • 0 Likes

User-Mapping Server Monitoring

Hi All,

 

Wanted to know the Best Practice for the User-Mapping with Server Monitoring, we have a few Firewall Sites which utilize the server monitoring feature whereas the vast majority others do not and use only windows User-ID agents for probing and

...

Dear Palo Alto Networks:

Your firewalls are generally okay.

But, the fact that you cannot get an interface bandwidth graph without configuring some QoS hack to only show an ingress interface traffic graph is stupid.

Every firewall vendor in the world has this feature. Except y

...

getting traffic after the interface is down

Hey guys hope you doing well I got a question I get a challenge one of my user getting traffic logs of NetBIOS by source Pvt IP from LAN to WAN the device from the source side is down the 2 Pvt IP still hitting the cleanup rule. The Policy is denied

...

Disable new apps in content update

Hi Experts,

 

We've a pair of firewalls (9.1.6) managed by the Panorama (9.1.6). We've Threat prevention license in place and client would like to install just the threats and not the apps by selecting disable the new apps in content update.

As recommen

...

TAC support has gone missing, again :-(

Opened a S2 TAC case @7pm ET 07/21/2021.  The SLA response time is 2 hours.  TAC didn't get back to me until 5:43am ET 07/22/2021.  The response from TAC is very vanilla, not helpful at all.

 

Call back to TAC this morning has been waiting for an hour

...

dtran by L4 Transporter
  • 2826 Views
  • 4 replies
  • 0 Likes

Resolved! Destination NAT Error

Hello All,

 

Doing an destination Nat but getting below Error. Could anyone please help me. Also pls find below my nat rule

 

 

 

Please note : Ethernet 1/1 is my Outside Interface

 

vishal_07_2-1627031851196.png
vishal_07_3-1627032032760.png
vishal_07_4-1627032054212.png

Exception Handling in Palo Alto Support Page 7/22/2021

Hello Palo Alto Team,

I would like to bring this up with you.

I noticed that your support page went down today 7/22/2021 and that is fine. What worries me is the way your system handles exception. I think you are exposing to much that end user like m

...

  • 23698 Posts
  • 110 Subscriptions
Top Solution Authors
Labels