General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

NAT issue for accessing ICMC service from google

We have 4 production servers are accessing ICMC service which is hosted in following URL “pubsub.googleapis.com”,

 

If all 4 servers in common NAT rule then there is a time-out error observed which caused ICMC service failure.

 

We have tried change the

...

gasin1 by L1 Bithead
  • 2215 Views
  • 4 replies
  • 0 Likes

Global Protect Users Experiencing Telnet Disconnects

I wanted to see if I can get some help with some session termination problems that I am experiencing for Global Protect users. Our remote users connect to an on-prem ERP systems through telnet, tcp/23.  I recognize that this protocol has inherited pe

...

CCullhaj by L1 Bithead
  • 2983 Views
  • 3 replies
  • 0 Likes

Resolved! Convert VSD Juniper(Screen OS) configuration to Palo Alto

Hi team,

We have a Juniper firewall configuration with 4 VSD(virtual security device) and we want to migrate that kind of configuration on Palo Alto.

We have tried to migrate that configuration but we didn't find this capability on palo alto firewall.

D

...

Fjrubiab by L0 Member
  • 2908 Views
  • 3 replies
  • 0 Likes

Resolved! VPN Best Practices

I'm looking to make some modifications to Site-to-Site VPN IKE-Gateway/IPSec profiles and GlobalProtect IPSec Crypto Profile.

 

For GlobalProtect IPSec,  I'd like to switch from aes-128-cbc to GCM.  I know GCM is more secure and has better performance

...

ce1028 by L4 Transporter
  • 3776 Views
  • 5 replies
  • 0 Likes

BGP configuration

I am looking to see the commands to check bgp configuration on palo alto 5050 Software version 8.1.14

 

We have that PA in our organization but i am new and trying to check why i am not able to learn a route 10.104.55.0/24 in BGP in PA 5050

 

I am learni

...

Need to export policy rule in excel format.

Hi,

 

While exporting all policy backup in excel sheet as we need this all policy details with all fields in rules.

As when I tried to export directly via console it gives only object name, not real ip address. So it is difficult to know which object ha

...

PA-3220 Power Supply Air Flow Direction Optional?

As I have encountered and many others may also, when this unit was installed in a data center, the person did not follow hot and cold isle standards. Is there an option to replace only the power supply or type of fans to reverse the air flow? This wo

...

DHCP server issue with PA3020

Hello,

 I have PA 3020 on which I have configured a DHCP server with about 400 reserving "binding", and IP pool for non reserved.

this DHCP server is configured on vlan tagged subinterface.

every thing is going well for laptops and PCs "windows", but I

...

trial license for pa-220

Hello guys

I m trying to get a trial licence for lab purposes for my personal pa-220

Not familiarized with palo alto environment (thats why I bought the pa-220 btw)

I don t have an account manager or a ce because I m not a company.

More experienced users

...

alexwirz by L0 Member
  • 2327 Views
  • 1 replies
  • 0 Likes

Issue With DNS Suffix

Dear Team,

 

The challenge was that we need to do commit with wildcard in dns suffix ie. *.xyz.com but it failed ( PAN OS 9.1.7).

For workaround we have removed wildcard.

 

You seen in other firewall with panos 9.1.5 its having dns suffix with wildcard. F

...

Packet capture hitting specific security policies?

I would really like the capability to setup packet captures for traffic that hits specific security rules. For example, we have rules that block outbound connections to Palo's dynamic IP list for known malicious IP addresses and would like packet cap

...

  • 23711 Posts
  • 104 Subscriptions
Top Solution Authors
Top Liked Authors
Labels