General Topics

Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 197 Views
  • 0 replies
  • 0 Likes

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 879 Views
  • 0 replies
  • 0 Likes

Global protect not working

Hi Team,

 

We have faced our GP not working 26/07/2021 around 09:15 pm.

 

After the firewall restarts its started to work. When I analyzing TSF I got the ssl vpn below error.

 

"The PID for this process changed indicating it was restarted"

 

2021-07-26 21:17

...

VishnuPS by L3 Networker
  • 2665 Views
  • 3 replies
  • 0 Likes

New 5220 non-functional state

New HA 5220 active-active and non-functional status.

HA-1 and HA-2 cable attached

Set up box boxes direct mode and then created templates via Panorama

Panorama doesn't display to parameters defined in direct config status

How to ensure configs are dumped

...

Default MTU of 1496B in interfaces of VM platforms?

Dear community!

 

We have couple of VMs deployed in MS hyper-v and I realized that all interfaces have a MTU of 1496 bytes even though no value was configured. Checked this with "show interface XXXX" command

 

Shouldn´t the interfaces have MTU of 1500 by

...

Carracido by L3 Networker
  • 2700 Views
  • 1 replies
  • 0 Likes

Simple policy not working?

Outbound communication to the following IP addresses must be allowed:
- 64.58.49.24
- 64.58.49.25
- 64.58.49.26
- 64.58.49.28
- 64.58.51.56
- 64.58.51.57
- 64.58.51.58

 

text router will attempt to communicate with the above IP addresses over the following pr

...

Resolved! Internet video UDP-range - STUN?

Our HR uses Interview from Indeed https://interviews.indeed.com/demo/video/
I've tried to open firewall ports with application STUN, service ANY.
But that did not work (error message because of missing "network connection").
For testing I've opened all

...

ChrisCon by L2 Linker
  • 3695 Views
  • 2 replies
  • 0 Likes

Security Policy Rule application and service configuration

 Hi All,

 

I have an issue where, Panorama had some security policy rules that had the below configuration on them:

 

  1. “Any” is listed in combination with specific ports under services in a given rule
  2. “application-default” is listed in combination with spe
...

Ben-Price by L4 Transporter
  • 2083 Views
  • 2 replies
  • 0 Likes

MS Update application being recognized as ssl

Hi Experts

I'm looking for an assistance where ms-update is being recognized as ssl and getting denied. We've allowed the web-browsing and ssl to allow the dependency applications as well on the same rule. Port is being identified as TCP/8531 but the

...

Palo Alto SSH Vulnerabilities

Hi Team,

 

We are finding the below vulnerabilities being detected on Palo Alto Management SSH service :

 

 

CVE-2007-2768

CVE-2004-1653

CVE-2007-2243

CVE-2016-2183

 

Kindly help us in resolving the above said vulnerabilities.  Devices are running with the OS

...

Resolved! Slow o365 downloads

Just deployed HA 3020s in APAC and users are complaining that downloading office 2016 is painful, slow and eventually times out. Having a hard time figuring out why though, logs in PA don't show anything dropping or getting denied and data filtering

...

drewdown by L4 Transporter
  • 13377 Views
  • 9 replies
  • 0 Likes

OSPF passive interfaces question

What is best practice to advertise connected networks on a single VR where you have OSPF running and neighboring on an Internal Firewall  interface to router, and want to advertise multiple segmented/firewalled networks directly attached the same fir

...

Sec101 by L4 Transporter
  • 3958 Views
  • 3 replies
  • 0 Likes

SSL Decryption: ERR_HTTP2_INADEQUATE_TRANSPORT_SECURITY

Hi paloalto community,

 

we're currently still testing ssl decryption and discovered a new error, which I can't google to find a solution.

 

If we're visiting the following site, we get an "ERR_HTTP2_INADEQUATE_TRANSPORT_SECURITY" error. Site: https://ww

...

2020-01-13 11_42_30-pa-1.png
2020-01-13 11_42_39-pa-1.png
2020-01-13 11_42_56-Anhängerkupplung M240i _ M140i.png
2020-01-13 11_46_30-www.1erforum.de.png
mrkskhn by L1 Bithead
  • 55071 Views
  • 36 replies
  • 0 Likes
  • 24013 Posts
  • 115 Subscriptions
Top Solution Authors
Top Liked Authors
Labels