General Topics
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

The Enhanced LIVEcommunity Experience is finally here! Learn all about it.

General Topics

Forum Posts

Registration now open - Interactive Event!

Hi everyone, If you haven’t already seen, registration is now open for our first interactive event all about the Best Practice Assessment (BPA) tool! You will be able to connect with subject matter experts, share best practices, and learn how this to...

jdelio by Community Team Member
  • 33 Views
  • 0 replies
  • 1 Likes

Resolved! GlobalProtect, Working from Home, Prisma Access and Covid-19

To all, Just wanted to post a message about the Hot Topic right now, which is Covid-19. With all of this going around, everybody's health and safely is the utmost concern. Keeping your hands clean, washing your hands (A LOT), using hand sanitizers, a...

jdelio by Community Team Member
  • 16750 Views
  • 45 replies
  • 32 Likes

How to factory reset VM firewall

I was downgrading the VM 500 firewall from 8.1.1 to 8.0.10 and booted the image with wrong config file. I am able to ssh firewall but maint mode username & password (serial #) is not working. How can I reset the password and bring VM 500 in factory d...

Prakhar by L2 Linker
  • 1135 Views
  • 1 replies
  • 0 Likes

ICMPv6 Custom Apps

PAN-OS has a gap in AppID for ICMPv6 apps. Working against RFC4890, I created custom apps for the recommended ICMPv6 types/codes. Sharing here for other's benefit. set application icmpv6-echo-request category networking subcategory infrastructure tec...

Enable FTP and FTPS for Active/Passive?

Hello Folks, We have a CrushFTP server installed on a server behind our PA 3020 PANOS: 7.1.14, SSL decrypt not enabled.Security Rule: NAT Rule: Trying to figure out why Active and Passive with FTP over TLS (SSL) will not retrieve the directory listin...

FTP_rule.jpg FTP_NAT_rule.jpg Active_FTP.jpg Active_FTPS.jpg
OMatlock by L4 Transporter
  • 4379 Views
  • 5 replies
  • 2 Likes

Resolved! 500 Internal Server Error - CAPTIVE PORTAL

Dears, PA220 with interfaces as per belowethernet1/4 19 1 Local-Network vr:RT-LAN 0 172.26.57.1/25ethernet1/5 20 1 Local-Network vr:RT-LAN 0 172.26.57.129/26ethernet1/7.105 269 1 Local-Network vr:RT-LAN 105 172.26.59.1/27ethernet1/7.106 270 1 Local-N...

ScreenShot640.jpg ScreenShot642.jpg ScreenShot644.jpg ScreenShot646.jpg

Inbound SSL Decryption

Hi, I have two questions for folks 1) I have setup Inbound SSL decryption as outlined in the documentation (Import Server Certificate, Create Decryption Policy, Create Decryption Profile), and expected that when I looked at my traffic log to the serv...

QoS on inter-vsys traffic

We have internet traffic and tunnels terminating on vsys1. While our servers are in vsys2. Traffic to internet or tunnels is passed through inter-vsys routing from vsys2. Server X which earlier used to be in vsys1 and had qos applied for it tunnel tr...

raji_toor by L4 Transporter
  • 296 Views
  • 1 replies
  • 0 Likes

Always -on OTP

I have an interesting scenario where I have a firewall protecting an extremely sensitive server and some dedicated users accessing it through another zone. I ran into a situation where only couple of users need access to it when remote. I thought of ...

Panorama support license upgrade

Hello,I am just trying to upgrade support license of Panorama VM from 100 devices to 1000 applying the Auth code received for PAN-SVC-BKLN-PRA-1K. It is failing with message "Failed to install licenses. An initial license cannot be applied for renewa...

Move zone and policies between VSYS

Hello, One of our customer wants to implement VSYS. Currently, the current firewall is Checkpoint appliance (around 900 rules)..The idea is to replicated the config from the Checkpoint to the PA with only one VSYS to avoid a big bang...So I will crea...

licenselu by L4 Transporter
  • 836 Views
  • 3 replies
  • 0 Likes

Resolved! system alert:certificate validation failure

we have a new PA-850 in production from couple of days. but the wildfire lincense is yet to be subscibed. the syslog is generating a high alert saying public cloud certificate validation failed, destination: wildfire.paloaltonetworks.com.

DNS query to problematic web site

PA itself was generated the DNS queue of the domain that the management interfaceWhy would it come up with this action, and DNS proxy do not enabled.Please kindly advise. Log:This host was detected performing a DNS lookup for the domain en[dot]wt1[do...

samhk by L0 Member
  • 421 Views
  • 2 replies
  • 0 Likes

different content of backup files.

Hey!I'm using curl and the xml api to automtically backup the config of my PA-3020:https://live.paloaltonetworks.com/t5/Management-Articles/How-To-Backup-of-Config-Files-Periodically-without-Panorama/ta-p/77312 However, the content of that file looks...

MPI-AE by L4 Transporter
  • 1019 Views
  • 6 replies
  • 0 Likes
Top Liked Authors