General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Join the Fuel User Spark Event on March 19: Dealing with Threats !

 

Join us at the Fuel User Group Spark Event on March 19!

 

Get ready to ignite your cybersecurity knowledge and connect with industry experts at our upcoming Spark event hosted by the Fuel User Group. Whether you're a seasoned professional or just

...

kiwi_0-1709893724672.jpeg
kiwi by Community Team Member
  • 279 Views
  • 1 replies
  • 2 Likes

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question. Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

JayGolf_0-1691518400714.jpeg
JayGolf by Community Team Member
  • 3159 Views
  • 2 replies
  • 14 Likes

Resolved! How to connect users to their domain via GlobalProtect

Hello,

 

We need a solution to join the users first to their Domain via Global Protect and after that client MUST be able to reset/change their password.

We were thinking of using Pre-logon, however, this requires machine certificate and customer is not

...

Master key problem on a PA-220

I have a standalone PA-220 on v9.1.6 and I'm trying to set my own master key on it. I'm getting this error:

 

Operation Failed request -> master-key -> on-hsm unexpected here request -> master-key is unexpected request is unexpected

 

It looks like it th

...

ccvega by L1 Bithead
  • 1836 Views
  • 1 replies
  • 0 Likes

security policy source user strange behavior

Hello

I am using ldap users as source user in security policy.

The policy defines who can access http-service and https-service to the internet.

After the Firewall there are about 500 PCs and about 10% PCs stop to browse the internet every 20-30min, pre

...

Inter VR Routing

We have a PA 3220 with two VRs, one VR is TEST and the other is VR is PROD.

Each VR has a public facing interface, eth1 is PROD Andy its IP Address is 103.143.195.245/32 and eth2 is TEST with an IP address of 166.206.187.82/32. There are internal and

...

Chopper by L1 Bithead
  • 3524 Views
  • 4 replies
  • 0 Likes

Issues with Global Protect

Good morning,

My company uses Global Protect for its connection to our corporate network when I work remotely. I recently been having issues where it says its connected, but only part of the applications are able to access the network. Skype works, I

...

Regarding monitoring of internet connection

hi ,

im using PA-3050 with Software Version 9.1.3-h1

my question : i need mentoring the our internet  connection Is it settled or not ? Have we got to the maximum limit of the contact or not ?

 

you support tp me is highly appreciated 

 

YOOG887 by L1 Bithead
  • 2166 Views
  • 3 replies
  • 0 Likes

Resolved! Reason why domain URL category was changed?

I have a domain with a lot of subdomains. Two days ago URL category of all of this subdomains was changed from Computer and Internet info to Grayware. Is it possible to get information what was the reason of this change ( for example request from ano

...

pkopec by L0 Member
  • 1647 Views
  • 1 replies
  • 0 Likes

QoS rule on schedule rematch

Hello,

 

I'm afraid the answer is going to be no, but is anyone aware of an option to rematch the QoS class applied to a session, based on a schedule applied on a QoS policy? I'm trying to restrict bandwidth for a flow within certain hours, but that on

...

Arne-VDH by L3 Networker
  • 1649 Views
  • 1 replies
  • 0 Likes

EDL Invalid urls but why?

I am generating this EDL from minemeld this list is for office 365  PAN is listing 14 Invalid URLs but why are they invalid? 

 

admin@PA-220> request system external-list list-capacities List Type Currently used in policy Total Ca...

Ping Packets dropped: forwarded to different zone

 

 

1. All the units in above diagram are AWS EC2s. Pinging from Ubuntu10_20_61_16

    to Ubuntu10_60_0_100 failed due to echo reply dropped on PA-VM.

 

admin@PA-VM> show counter global filter packet-filter yes delta yes severity drop

Global counters:

Elaps

...

Capture1.PNG
Susan_Avxt_0-1608187681970.png
Capture2.PNG

PA PLACEMENT

Hi, 

In internet edge ASA is running as Active /standby  . I would like to place PA as Active /Active in vwire mode behind   ASA 

What are the pros and cons 

Thanks

 

simsim by L4 Transporter
  • 2026 Views
  • 2 replies
  • 0 Likes

Captive portal for https traffic without SSL decryption

Dear community,

 

I´m currently facing this challengue:

Do you know whether it´s possible to have captive portal working for https traffic without using SSL decryption?

 

This requirement is not clear in the admin guide but I understand it is according th

...

Carracido by L3 Networker
  • 2300 Views
  • 1 replies
  • 0 Likes

Running script user cinnecting to GP

Hi,

 

We would like to run a script for the users when GP VPN goes UP. This script is for mapping network drives in theclients.

 

Is possible to do that? any link with info? 

BigPalo by L4 Transporter
  • 2596 Views
  • 5 replies
  • 0 Likes
  • 24090 Posts
  • 99 Subscriptions
Top Solution Authors
Top Liked Authors
Labels