This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Access problems via Globalprotect with AD group.

Hello everyone,

I am relatively new to Palo Alto solutions and I face a problem that has been going on for over a week. Could anyone help me?

 

This is the scenario:
- I have gateways 01 and 02 for the GlobalProtect.
- AD groups called Grupo1 and Grupo2.
-

...

Amaro123 by L2 Linker
  • 5491 Views
  • 12 replies
  • 0 Likes

Resolved! API Keys in PanOS 9.1

Hello All.

Do you know of a way to see all generated API keys on Panorama 9.1? Similar command exist on the wildfire appliance, but I could not find in Panorama. 

Also, does anyone know how the API generation process works in 9.1? Are they keys persist

...

batd2 by L4 Transporter
  • 4018 Views
  • 4 replies
  • 0 Likes

Resolved! How to parse and filter proofpoint list

Hello,

Since the default proofpoint miner is not working 'im trying to find a workaround to be able to download and filter the lists.

I have tried to use the generic json or csv miner but i'm having issues with both:

 

With the json miner I receive 0 val

...

Block domain *.*covid*.*

Hi Team

can we blocked domain in palo alto if domain name contains is *.*covid*.* in palo alto.

 

I was also wondering whether blocking such domain will be better through dns sinkhole or URL filtering.

shubhamG by L1 Bithead
  • 1644 Views
  • 2 replies
  • 0 Likes

ISP Router connection best practice

Hi All,

 

Just looking for advise , pros vs cons about connecting an ISP internet feed directly to our core mpls/vpls switch.  

ISP Internet Router—>adva—>Core Switch(siteA)—>mpls/vpls—>Core Switch(siteB)—> Palo Alto

 

The PA firewall will have a separate

...

MistryJa by L1 Bithead
  • 1930 Views
  • 2 replies
  • 0 Likes

Panorama HA Firewall PAN-OS Upgrade Clarification...

My apologies for the length of this post...I am trying to understand how to best upgrade PAN-OS through multiple major releases on a configured HA set and I may not be explaining myself effectively...here it goes.

 

I am preparing to upgrade a PA-220

...

Migrating Palo Alto's

Quick question regarding changing model of Palo Alto's. We're moving from a larger model to a smaller. Is there a guide I could use for this? From what I've gathered so far the two firewalls have to be on the same software version? is that the only p

...

Resolved! IP Pool Assignment

We have deployed a PA-VM into AWS running 10.0.4 and are currently trying to configure Global Protect to secure our developer connections to our AWS environment. We have a Global Protect Gateway deployed and are able to establish a VPN connection. Th

...

Resolved! Policy based routing

Hi,

 

Do we need a security policy, once the PBR configured in the firewall?

 

OR 

 

FW just forward the packet to the Egress interface and not look for the security policy.

 

Thanks.

 

ChiragP by L2 Linker
  • 2475 Views
  • 2 replies
  • 0 Likes

Resolved! The 7 byte custom signature minimum

Hello Palo Alto,

 

I am doing a custom combination signature for brute force/Layer 7 HTTP DDOS protection. I am using "http-req-params" to block more than 5 attempts in 10 seconds for a particullar site (

https://docs.paloaltonetworks.com/pan-os/u-v/cus

...

Resolved! PA-5220 App Update issues

In my environment, we must update our apps manually. One machine allows it to be updated like normal through the device menu, but on other machines when uploading the app file, it just keep showing the progress bar and doesn't go any further. Has any

...

Globalprotect users cert renewal process?

I have 20 GP users that has certificate check as first factor of authentication. The certs are set to expire in a month. If I renew the cert and export it to them on a USB stikc, will that break the connection until the certs are installed? What is t

...

URL Filtering reponse page into iframe

I have a situation, where on some page which is allowed in URL Filtering: ex. allowed_site.com I have an iframe with another site which is blocked on URL Filtering: block_site.com. I have configured response page for block action. But when I open all

...

pkopec by L0 Member
  • 1556 Views
  • 1 replies
  • 0 Likes
  • 24195 Posts
  • 100 Subscriptions
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks