General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 374 Views
  • 0 replies
  • 0 Likes

AWS x PAN 2 tunnels PBF backhaul internet static routes?

Anyone run into this before?  I have 2 x AWS tunnels (No BGP) and I want failover to occur and I want to backhaul internet traffic from AWS out through the PAN.  I have connectivity between AWS and on-prem with no static routes configured.  However,

...

drewdown by L4 Transporter
  • 4103 Views
  • 6 replies
  • 0 Likes

User not able to access one site

Not able to access the site is on another location I can ping the site it's responding I check session-id packet capture nothing was found.

I create a  policy for that user without any restriction still not able to access the site. In monitor its show

...

Does Active-Active HA supports more users?

Hi Guys,

My company bought a PA firewall a few months back. At that time we had around 85 users and PA technical person suggested that it will handle up to 100 users in our environment. Now, we have around 70 more people who joined our company, so tot

...

Satyam by L1 Bithead
  • 2321 Views
  • 2 replies
  • 0 Likes

Resolved! Apple Software Updates Issue with Palo Alto

Hi,

If we try to update apps on a iPhone they don’t update but if we remove the security profiles the apps update with no issues.

 

When you click update it attempts to do the download and just fails

 

We are using following security profiles(image attach

...

1 (7).png

PPPoE Disconnection frequently.

Facing PPPoE session disconnection issue. 
As per ISP, this is a Firewall issue as from Laptop or Computer (directly connected to ISP Router) no disconnection being observed.

Palo Alto PA-3020

 

Following logs and capture packet are below 

2021-07-15 11:2

...

Email Gateway External IP

Good afternoon, currently for sending and receiving mails with Office 365 is using a Cisco CES ( Cisco Email Security ).

 

This device only has a couple of public IPs, it is external to the organization.

 

In Palo Alto, when configuring the SMTP Gateway.

...

Metgatz by L4 Transporter
  • 1846 Views
  • 1 replies
  • 0 Likes

Resolved! Firewall Replacement/Upgrade

Hello,


I am rather new to the Palo Alto FWs, and I am looking to replace 2 existing PA3020's in an HA pair with two PA3220 also in an HA pair.  I've never done a full swap like this so is there any Best Practice recommendations and/or upgrade checklis

...

GreenA by L0 Member
  • 3802 Views
  • 1 replies
  • 0 Likes

More information about SSL Decryption and PAN-OS 10.0

Hey guys, 

I just wanted to let you know that I have just blogged about "What is SSL Decryption" and wanted to call your attention to it. 

Please read it here if you have not already seen it:

https://live.paloaltonetworks.com/t5/blogs/what-is-ssl-dec

...

jdelio by L7 Applicator
  • 3832 Views
  • 2 replies
  • 3 Likes

Resolved! Safe Port Scanning

Hi folks,

 

When I perform a nmap port scan on my IP range protected by Palo Alto Firewall, almost every port responded to SYN scan.

 

This is a known issue, as I found:

Port scan report shows all TCP ports are open

https://knowledgebase.paloaltonetworks.c

...

tingmy by L1 Bithead
  • 5047 Views
  • 2 replies
  • 0 Likes

Ike Scan Against GlobalProtect Gateway

I'm testing (starting) my ethical hack skills and testing our GlobalProtect Gateways for vulnerabilities.

 

I used the Windows ike-probe and Kali Linux ike-scan against a Cisco gateway with VPN services running. The ike-scan results are what I expected

...

Site-to-Site VPN use PPPoE

Site-to-Site VPN with PPPoE

Good afternoon, please help me to confirm if the following scenarios are compatible or not.

 

- Palo Alto with Interface in DHCP mode ( with private IP - Typical example ADLS modem delivering a Private IP ) establish a sit

...

Metgatz by L4 Transporter
  • 2589 Views
  • 1 replies
  • 0 Likes
  • 23835 Posts
  • 112 Subscriptions
Top Liked Authors
Labels