General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Threat Vector, a Unit 42 Podcast, is Now on LIVEcommunity!

We have some exciting community news to share: Threat Vector, a Unit 42 podcast, is now on LIVEcommunity!

 

Threat Vector is your compass in the world of cyberthreats. Listen to this biweekly podcast to learn about unique threat intelligence, cutting

...

jforsythe by Community Team Member
  • 94 Views
  • 0 replies
  • 0 Likes

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question. Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

JayGolf_0-1691518400714.jpeg
JayGolf by Community Team Member
  • 3334 Views
  • 2 replies
  • 14 Likes

Resolved! GlobalProtect clients experiencing latency delays

Hello,

 

Clients who are connected via GlobalProtect VPN are experiencing slowness with all their traffic traversing the VPN (ie.. Internet and Server access traffic).

The latency is between 200-400ms for all the traffic regardless of whether its Intern

...

Farzana by L4 Transporter
  • 11171 Views
  • 12 replies
  • 0 Likes

AE Interface down during failover

We recently had a failover event during a normal upgrade of the firewall (10.0.1 -> 10.0.4). The LACP aggregate interface on the Cisco switch / Firewall did not come up during this time, which resulted in a longer than expected outage. Powered down f

...

Service route in panorama.

Dear Team,

 

I have two interfaces configured in my panorama:

1-management interface

2 -ethernet1/1.

 

for software and dynamic updates by default, my traffic is going via management interface. I want to change the service route through ethernet1/1 but I a

...

Jafar_Hussain_0-1593346305511.png

Resolved! Study tip for PCNSA.

Hello everyone,

 

I spent a year working directly with Palo Alto firewall and I would like to get some certifications, but all video content I find is purely in English and I still don't have a command of the language.

 

Did they have any text material t

...

Amaro123 by L2 Linker
  • 2854 Views
  • 2 replies
  • 1 Likes

Resolved! Policy Based Forwarding

Hi All,

 

I have a  guest wifi vlan 10.25.x.x that needs to be routed out to a second ISP.  

 

AP-->WLC--Palo Alto FW-->MPLS/VPLS-Router-->L3Switch-->ISP

 

The vlan will each have a sub-interface and gateway 10.25.x.1 assigned on firewall in its own guest

...

MistryJa by L1 Bithead
  • 2351 Views
  • 2 replies
  • 0 Likes

OKTA SAML panorama authentication?

Trying to get this working and I am able to authenticate using OKTA SAML  via the button on the login screen but when I do (after entering u/p on the OKTA page) it redirects me back to the Panorama login page.  I see PAN_AUTH_SCUESS SAML on the CLI b

...

drewdown by L4 Transporter
  • 3235 Views
  • 5 replies
  • 0 Likes

Resolved! 1:1 destination nat mapping

Hi everybody,

 

  does anybody know if it is possible to write a single destination NAT policy in order to map ip addresses from a given range/network to a corresponding range/network of the same size preserving the host portion of the address? I try t

...

grenzi by L3 Networker
  • 4649 Views
  • 3 replies
  • 0 Likes

Custom Snort Signature

creating a custom snort signature on Palo alto Firewall but didn’t found the concern context operator for match pattern.

Shall we create a context operator or how it can add the pattern if the context operator is not available?

 

For example:

alert tcp $

...

Snort.jpg

Resolved! Global Protect Split Tunnelling

We are enabling split tunnelling for O365 traffic. I have added a object for a known website so I can test this. I can see the IPs in the PANGPS logs so the configuration is pushed to the client. I have also enabled the Split Tunnelling in the APP fo

...

a.jones by L3 Networker
  • 2467 Views
  • 2 replies
  • 0 Likes

Unable to export ACC last-60-seconds stats

Hi,

I'm looking for a way to export regular per-IP bandwidth usage stats in a human-readable format. I have found out that it's possible to get this in .xml via REST API. I'm trying to create a top-src-summary for the period of last-60-seconds. This h

...

Capture1.PNG
Capture2.PNG
DuzyGl by L0 Member
  • 1791 Views
  • 3 replies
  • 0 Likes
  • 24126 Posts
  • 100 Subscriptions
Top Solution Authors
Labels