General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Configuring an ON-SITE-SPARE

Dear techs, Can any one give me some rough idea on how to configure a PA OSS unit? I have a PA 3020 unit in live infra. Recently bought another 3020 unit. The idea is to replicate all the configurations and settings from live to the OSS unit and keep the same offline. Any help is much appreciated. Thanks in advance.

Palo alto 8. - keep booting after migrating to ESXi6.7

Hi Palo alto 8.- was installed EVE--NG at wmware Workstation. and it worked very well. But after migrating to ESXi 6.7, it keeps booting without stopping. Please see the below error message. Booting from Hard Disk...Welcome to the PanOS Bootloader.Hit any key to stop autoboot...Enter 'maint' for boot menu.Booting PANOS (sysroot0) after 5 seconds...

PAFrank by L2 Linker
  • 4809 Views
  • 3 replies
  • 0 Likes

BGP RIB Out AS Path

I am using BGP between two ISP's. On one of them my AS number is listed one time by each prefix. On the other ISP my AS number is listed 6 times by each prefix. The ISP with 6 AS numbers is a lower preference. Anyone know why?

GFN182 by L2 Linker
  • 2836 Views
  • 2 replies
  • 0 Likes

The best way/easiest way to migrate from 2 nos pair of PA 5250 & 5220 to a pair of PA 5450.

Current setup : Multiple virtual instances running on a pair of 5250 and 5220 active-standby deployment each site.Meaning 1 pair of 5250 + 1 pair of 5250 > 1 pair of 5450Target setup : All virtual instances would be migrated/consolidated to a pair of 5450 modular hardware active-standby deployment each site. Note : Migration methodology shoul...

PAN site to site VPN to AWS

We had a site to sit VPN between on premise PAN going to AWS.The tunnel was established and does not show any downtime but the issue we encounter is that when the Tunnel Monitor IP(169.254.2.x/30) and (169.254.3.x/30) is not pingable/unreachable PAN will remove the route going to AWS in result we are not able to connect to the AWS LAN segment. A...

DHCP Server Does Not Lease Reserved IP Address from 2nd Time

Hi, I'm currently doing DHCP server migration from Windows server's DHCP server function to Palo Alto PA-3200 series, with PAN-OS 9.1 series. I copied over all the configurations from Windows server to Palo Alto including the IP address reservation. After migration, what happened was that, for an IP scope that corresponds to a VLAN with 802.1X d...

Putty cursor is stuck there after PA-VM starts

Hi, Palo-alto PA-VM-KVM-9.1.0.qcow2 is installed into GNS3 version 2.1.21 based on the below link. I try every configuration is same as the link. Two vCPU, 4G RAM and 8 interface. but after it start, it shows below message and then stop at the end of the below message. Anyone can give some suggestion? Thank you https://www.gns3network.com/how-t...

PAFrank by L2 Linker
  • 5576 Views
  • 3 replies
  • 0 Likes

Resolved! IPSEC ikev2-send-p2-delete

Hi all, I have a IKEv2 IPSEC from PA to PA Firewall with tunnel monitoring enabled on one end. The tunnel suddenly went and the peer with no tunnel monitor is sending every 4 seconds a ikev2-send-p2-delete. What could be the reasons behind this behaviour? Regards

Uninstall Global Protect 5.2.5 via Intune Scripts

Good day, I need to uninstall Global Protect from bout 100 user devices. We deploy and remove application using Microsoft Endpoint Manager (Intune). I have created a script using this uninstall command:This command reported that it ran successfully on the devices and uninstalled Global Protect as intended, however when I logged into the devices,...

Jabulani15_0-1639402078994.png

Vulnerability wrong action Palo

Hi, We are having a weird issue in Palo. We have a FTP server and we can not access because Palo detects this vulnerability: Name: SSH User Authentication Brute Force AttemptUnique Threat ID: 40015The Palo action is "alert" for this vulnerability but its being blocked "block-ip". I attach the screenshots: why Palo is detecting a normal access a...

pic1.JPG
pic2.JPG
BigPalo by L4 Transporter
  • 2588 Views
  • 1 replies
  • 0 Likes

Resolved! JSON Miner with basic auth and an API key

I would like to have a miner to connect to the Pingdom API to pull a list of their US node addresses. The Pingdom API uses basic auth and requires an "app key". Their documentation references two HTTP headers, authentication and app-key: > GET /checks HTTP/1.1 > Host: api.pingdom.com > Authentication: Zm9vQGV4YW1wbGUuY29tOnBhc3N3b3J...

Resolved! GlobalProtect portal data collection available in logs?

Starting with PAN-OS 9.0 there is the ability to assign specific agent configurations based on software and app settings on GlobalProtect portal configuration.It's possible to collect registry data from Windows endpoints under the new tab "Portal Data Collection". Now my question. Is it possible to see somewhere in the logs what data was collect...

portal-data-collection-custom-checks-windows
Tobi by L2 Linker
  • 7853 Views
  • 6 replies
  • 0 Likes
  • 24403 Posts
  • 123 Subscriptions
Top Solution Authors
Labels