General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Join the Fuel User Spark Event on March 19: Dealing with Threats !

 

Join us at the Fuel User Group Spark Event on March 19!

 

Get ready to ignite your cybersecurity knowledge and connect with industry experts at our upcoming Spark event hosted by the Fuel User Group. Whether you're a seasoned professional or just

...

kiwi_0-1709893724672.jpeg
kiwi by Community Team Member
  • 280 Views
  • 1 replies
  • 2 Likes

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question. Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

JayGolf_0-1691518400714.jpeg
JayGolf by Community Team Member
  • 3160 Views
  • 2 replies
  • 14 Likes

SSL Inbound Decryption Failing

hello, we are setting up SSL Inspection for inbound traffic but it is failing when clients try to access, we are getting unsupported protocol errors.  ssl labs shows the following issues around handshaking.

 

 

with SSL Inspection off we do not see thes

...

RyanJohnstone1144_0-1612884336341.png
RyanJohnstone1144_1-1612884421679.png

Panorama<->Firewalls connectivity issue

Hi all,

 

After I modify the route service and restore it to the state before the firewalls (2 HA firewalls  + PA220 ) are no longer connected to the panorama.

 

No changes are made on the network side between the two.

Panorama : VM (VMware ESXi) version

...

ayoubAitkhouya_0-1612712485559.png

URL Filtering Issue Through GlobalProtect

We are facing a issue in URL Filtering while connecting Palo Alto PA-220 via Globalprotect.

 

When I am using broadband connection to connect to my laptop to vpn then all the configured url filtering sites are getting blocked but when we connect it thr

...

KapilRoy by L0 Member
  • 2033 Views
  • 2 replies
  • 0 Likes

External Certificate Renewal

I can't for the life of me figure out the process to renew a certificate issued from an external CA.  We have a cert purchased from Thawte for our Global Protect gateway.  It will expire shortly and Thawte wants a csr file for the renewal.  Selecting

...

can we generate report for tunnel interface in ACC

We are using proxy solution for url filtering for which we have deployed ipsec tunnel with cloud proxy server.

If we are filtering ACC report for interface and zone we are not able to get proper utilization report. Hence we are trying to export report

...

Deepak_K by L3 Networker
  • 1758 Views
  • 1 replies
  • 0 Likes

LIVEcommunity January Rewind

Hi everyone! 

 

We are excited to share our first LIVEcommunity monthly recap with all of you! There are a lot of exciting things happening around the community, so we put together this News article sharing everything that you might have missed durin

...

agalindo by L4 Transporter
  • 2196 Views
  • 1 replies
  • 3 Likes

Resolved! Syslog Server Queries.

Hi,

 

I would like to know the following queries,

  • In log forwarding, there are 7 types of forwarding i.e traffic, URL, threat etc. can we know how much data will it consuming for an individual log type while forwarding the logs to Syslog server from CLI
...

Palo Alto image for demonostation shown in the video

Hi team,

 

I am looking for setting up the palo alto firewall as well panorama in VMware workstation as shown in below video. It seems to be pretty easy. Only thing I am looking for is palo alto image. How can I get the image ? I googled and got to kno

...

Vikashh by L2 Linker
  • 1459 Views
  • 1 replies
  • 0 Likes

Are used PA 'for-sale' posts permitted

Hello - does Palo Alto support resale of hardware that is not End-of-Life, and are posts on resale permitted in LIVEcommunity?  I have been searching for pinned community rules and have not found anything related yet.  I don't want to post/ask more r

...

keklund by L1 Bithead
  • 1349 Views
  • 1 replies
  • 0 Likes

IP spoofing /source routing

Hi Friends,

 

I have nt enabled Zone protection for our palo alto firewalls as its connected to trusted zones. I want to know the whether IP source routing is disabled in the PA NG Firewall (Pan OS > 9.0) by default or not.  Also steps to protect again

...

IpSec VPN Phase1 negotiation problem

Hi All,

 

I have two 4G router and two ipsec vpn tunnel. Routers are exactly same.

VPN configs are exactly same (except Ips) one tunnel up and running but other one failed at Phase1

 

It gives me "IKE phase-1 negotiation is failed. Peer\'s ID payload 192.

...

Lacrymae by L1 Bithead
  • 3594 Views
  • 4 replies
  • 0 Likes

SDWN and PAT

Trying to setup a LTE link as a backup link for an SDWAN deployment.  All of the LTE gateway devices do PAT as they get a single IP from the provider.  Will this work.  Don't think it will work in the hub but in the branches believe it will.  Just wa

...

  • 24090 Posts
  • 99 Subscriptions
Top Solution Authors
Top Liked Authors
Labels