General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 430 Views
  • 0 replies
  • 2 Likes

Connecting 3rd-Party VPN Device to PA-3220

Hi. Wanted to ask for opinions, suggestions, and experience on this. We have a Cisco ASA VPN Device from our vendor and we'll need to connect this to our PA-3220 FW. So basically, Internet --> PA3220 ---> ASA VPN --> LAN. This ASA will be inside our

...

Mitel decrypt error

Hi all,

we have a open ticket with TAC, but wanted to ask if anyone's seen this, we're in the testing phase of it, and one of the phone's traffic shows up in the logs as decrypt error in the end result, so that phone is not able to login to the mitel

...

cdcirexx by L2 Linker
  • 5668 Views
  • 8 replies
  • 0 Likes

AWS x PAN 2 tunnels PBF backhaul internet static routes?

Anyone run into this before?  I have 2 x AWS tunnels (No BGP) and I want failover to occur and I want to backhaul internet traffic from AWS out through the PAN.  I have connectivity between AWS and on-prem with no static routes configured.  However,

...

drewdown by L4 Transporter
  • 3896 Views
  • 6 replies
  • 0 Likes

User not able to access one site

Not able to access the site is on another location I can ping the site it's responding I check session-id packet capture nothing was found.

I create a  policy for that user without any restriction still not able to access the site. In monitor its show

...

Does Active-Active HA supports more users?

Hi Guys,

My company bought a PA firewall a few months back. At that time we had around 85 users and PA technical person suggested that it will handle up to 100 users in our environment. Now, we have around 70 more people who joined our company, so tot

...

Satyam by L1 Bithead
  • 2148 Views
  • 2 replies
  • 0 Likes

Resolved! Apple Software Updates Issue with Palo Alto

Hi,

If we try to update apps on a iPhone they don’t update but if we remove the security profiles the apps update with no issues.

 

When you click update it attempts to do the download and just fails

 

We are using following security profiles(image attach

...

1 (7).png

PPPoE Disconnection frequently.

Facing PPPoE session disconnection issue. 
As per ISP, this is a Firewall issue as from Laptop or Computer (directly connected to ISP Router) no disconnection being observed.

Palo Alto PA-3020

 

Following logs and capture packet are below 

2021-07-15 11:2

...

Email Gateway External IP

Good afternoon, currently for sending and receiving mails with Office 365 is using a Cisco CES ( Cisco Email Security ).

 

This device only has a couple of public IPs, it is external to the organization.

 

In Palo Alto, when configuring the SMTP Gateway.

...

Metgatz by L4 Transporter
  • 1773 Views
  • 1 replies
  • 0 Likes

Resolved! Firewall Replacement/Upgrade

Hello,


I am rather new to the Palo Alto FWs, and I am looking to replace 2 existing PA3020's in an HA pair with two PA3220 also in an HA pair.  I've never done a full swap like this so is there any Best Practice recommendations and/or upgrade checklis

...

GreenA by L0 Member
  • 3579 Views
  • 1 replies
  • 0 Likes

More information about SSL Decryption and PAN-OS 10.0

Hey guys, 

I just wanted to let you know that I have just blogged about "What is SSL Decryption" and wanted to call your attention to it. 

Please read it here if you have not already seen it:

https://live.paloaltonetworks.com/t5/blogs/what-is-ssl-dec

...

jdelio by L7 Applicator
  • 3698 Views
  • 2 replies
  • 3 Likes

Resolved! Safe Port Scanning

Hi folks,

 

When I perform a nmap port scan on my IP range protected by Palo Alto Firewall, almost every port responded to SYN scan.

 

This is a known issue, as I found:

Port scan report shows all TCP ports are open

https://knowledgebase.paloaltonetworks.c

...

tingmy by L1 Bithead
  • 4681 Views
  • 2 replies
  • 0 Likes
  • 23698 Posts
  • 110 Subscriptions
Top Solution Authors
Labels