General Topics
cancel
Showing results for 
Search instead for 
Did you mean: 
General Topics

Forum Posts

Happening in June: The Complete Zero Trust Network Security Event

Greetings everyone, Don't miss Palo Alto Networks' Complete Zero Trust Network Security event coming up in June. This event will cover the following points related to the newly unveiled Zero Trust Network Security: Secure access to the right applicat...

seattle-launch-live-community-r2b-1100x120.jpg
jdelio by Community Team Member
  • 450 Views
  • 1 replies
  • 4 Likes

Resolved! GlobalProtect, Working from Home, Prisma Access and Covid-19

To all, Just wanted to post a message about the Hot Topic right now, which is Covid-19. With all of this going around, everybody's health and safely is the utmost concern. Keeping your hands clean, washing your hands (A LOT), using hand sanitizers, a...

jdelio by Community Team Member
  • 18143 Views
  • 41 replies
  • 32 Likes

Web-Browsing default port application

Hey , i just wondered why in the era that all web traffic is moving forward beeing encrypted and browsers like chrome will soon mark websites that uses HTTP protocol as "unsage" paloalto "web-browsing" application still uses in it's default ports onl...

minow by L4 Transporter
  • 4125 Views
  • 5 replies
  • 0 Likes

Site to site VPN help :(

Unable to make VPN work. Both "IKE Info" and "Tunnel Info" are red light in IPSec Tunnel.The peer is a Juniper vSRX.Normal configuration with trust, untrust and VPN zone in both firewall. Each zone has its own subnet.Both firewall can ping each other...

jeremylo by L2 Linker
  • 2424 Views
  • 5 replies
  • 0 Likes

LSVPN Satellite Reconnection Time

Does anyone know how to decrease the time between LSVPN Satellite connection attempts? If one of our satellites drops off (e.g. reboot/power outage/etc), after it comes back up it will take up to an hour to connect to it's nominated Gateway. Also, if...

GRE support on PAN-OS 8.0

Hi,is it possible to terminate a GRE tunnel on a PaloAlto? Parhaps there is something new in 8.0 Best regrads,Sebastian

sst by L0 Member
  • 1992 Views
  • 5 replies
  • 0 Likes

Resolved! Decryption servers same ip

Hi, We need to decrypt traffic (SSL Inbound Inspection) for a server which is running 3 URL. This server has 3 certificates, one per application. So we would like to decrypt traffic for this 3 applications but in decrypt policy we only configure usin...

jesuscano by L4 Transporter
  • 412 Views
  • 1 replies
  • 0 Likes

SSL Decryption Exclude List - correct syntax?

What is the correct syntax to exclude a whole domain, including subdomains and pages from SSL decryption? Say exclude all URL's from "test.com", would this suffice: *.work.com or would i need to include a list like: *.work.com*.work.com/**.www.work.c...

welly_59 by L3 Networker
  • 330 Views
  • 1 replies
  • 0 Likes

Re: Vwire and L3 Deployment Decryption

Hi,I would like to know the way it operates in the backend how palo alto does the SSL decryption in Vwire mode . As in a L3 deployment the connection will terminate on the firewall and firewall acts like a MITM and does the SSL Proxying. How is the c...

Sanssj by L2 Linker
  • 511 Views
  • 1 replies
  • 0 Likes

SSL Version

Is there any way for the traffic logs to display the SSL/TLS version that's in use for a particular flow? I don't see the data in the traffic logs or in the session info at the CLI.

Global Protect DHCP config

With our firewall for VPN and DHCP all we configure is under GP gateway/agent/client settings we have an IPpool and address route. We need to add DHCP option 160 and I don't believe that it can be done on the Palo. We have never setup a DHCP relay ov...

Resolved! Upgrading a stand alone PA-Firewall 3020 to a HA-Cluster

Hello everybody, is there any article or best practice document which discribes the configuration of a Palo Alto 3020 Firewall HA-Cluster active/passive while there is already a working stand alone PA 3020 Firewall. Is it the same way I configure a H...

Mvdohe by L1 Bithead
  • 834 Views
  • 5 replies
  • 0 Likes

Resolved! Traffic going through Management port

Hello All, We were setting up a PaloAlto Firewall and made all the basic configuration to make a test on the production environment, however when connecting to the production environment, we could see that all the traffic from the PaloAlto firewall w...

Best practice for Palo Alto Uplink

We are looking to deploy our new boxes (PA-3220) in HA in the next few weeks. We are trying to go with best practice methods. Currently, we have an Layer 2 ae interface that has multiple subinterfaces. Each subinterface is tagged with a Layer 3 SVI. ...