General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 311 Views
  • 0 replies
  • 0 Likes

Disabling bad checksum on Firewalls

Hi All,

 

We have received an request to disable the drop of packets due to bad checksum. I had the following questions on this:

 

Q1: Can i see in the traffic logs if any connections are dropped due to bad checksum.

 

Q2: This can be done by enterin

...

NAT SDWAN

Hello,

My Name is Dwi.

 

I have case with SD-WAN configuration.

I have 2 ISP DIA provider, and i want to combine 2 ISP provider in to single logical SD-WAN for Load Balancing Internet Traffic.

the Palo Alto device is under NAT, please help me to configure

...

dwinur by L0 Member
  • 3374 Views
  • 3 replies
  • 0 Likes

Using GlobalProtect , ExpressVPN and Remote desktop

Dear All,

 

I am pondering following scenarios:

 

1- I connect to Server "S" using GlobalProtect on my Computer "A". Now Assume i do not have access to computer "A" physically because i have moved to another city. I want to access computer "A" from anoth

...

shaukafa by L0 Member
  • 3618 Views
  • 1 replies
  • 0 Likes

Resolved! Always On Global Protect VPN

When I am looking at GP Gateway Users I see some USERs with
ID prelogin and others where USER matches the COMPUTER name
field. Any idea why I might see one or the other? I am using certificate
authentication.

 

 

MichaelMedwid_0-1626972848253.png

inter-vsys vs shared virtual router

Hi all

 

It seems like 1 virtual router can be shared by multiple vsys

 

Reading up

https://knowledgebase.paloaltonetworks.com/servlet/fileField?entityId=ka10g000000UADEAA4&field=Attachment_1__Body__s

1 VSYS can have all multiple VR’s as well as multiple V

...

iFAST-SG by L0 Member
  • 4107 Views
  • 1 replies
  • 0 Likes

Resolved! techsupport file info

Does anyone know if you can see session tables in the tech support file?  Trying to troubleshoot a session sync issue and wondering if I can go back and look at the table when the TS file was created.

Thanks
Joe

jdemares by L1 Bithead
  • 2171 Views
  • 1 replies
  • 0 Likes

ECMP and PBF not work

we have a PA-820 with dual ISP internet (ethernet 2, ethernet 3)  and  ECMP. all PC 10.1.0.0/16 can load balancing through 2 Internet connection.

If I use PBF so PC 10.1.3.250 only go out through ISP 2( ethernet 3), I see this PC cant connect to Inter

...

test pbf.PNG
duyennv by L0 Member
  • 1918 Views
  • 1 replies
  • 0 Likes

Resolved! BGP on PanOS: allow route with own as number in as-path

hi,

i am new to panos and have problems in allowing a route with its own as number in as-path incoming from a peer. looks like the route is not accepted as a loop prevention but it is just the fact that the as number is used twice as two companies con

...

daniel by L0 Member
  • 3522 Views
  • 1 replies
  • 0 Likes

10.0 user-id agent ignore_user_list not working

Since upgrading to pan os 10.0.6, we've noticed the "ignore_user_list" on our server user-id agents doesn't seem to be working.  We did not have any issues prior to upgrading to 10.0.x.  Has anyone else noticed this issue?  We upgraded our user-id ag

...

jmurphy by L2 Linker
  • 1945 Views
  • 1 replies
  • 0 Likes

Http traffic to https

Hi Guys 
Can we redirect someone trying to access http://www.xxx.com to https://www.xxx.com ( port 80 to 443 ) ?

If we are using Dest NAT for https://www.xxx.com ? 

Thanks 

i_maddy by L0 Member
  • 1958 Views
  • 1 replies
  • 0 Likes

Resolved! Assign multiple netflow profile to an interface

Hi All

We have multiple netflow servers in the environment and i want to configure palo alto firewall interface with multiple netflow server profiles. I have already one netflow server profile attached to my Layer3 interfaces and now i want to configu

...

Resolved! GlobalProtect uninstall problem

Hi,

Our user have a problem with GlobalProtect client on a computer running Windows 8. Client was behaving very unpredictable (constantly connecting and disconnecting from the VPN), so it is uninstalled (from Control Panel\Programs\Programs and Featur

...

Decrypt GlobalProtect traffic

Hi Guys!

I have a GlobalProtect (IPSec) configuration with an external gateway, all remote user traffic goes through the vpn tunnel, to which I apply decrypt policies for this traffic.
The problem is that in applications like "teams", it is not possibl

...

PA-220 Thermal Shutdown

Morning All,

 

Here in the UK, we are in the midst of a heatwave and we have had 2 PA-220's shutdown for heat issues.

 

I can't find anywhere at what temperature the Palo shutdown due to temps? I thought it was the MAX Chasis temp, however, we have anoth

...

  • 23823 Posts
  • 112 Subscriptions
Top Liked Authors
Labels