General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 563 Views
  • 0 replies
  • 2 Likes

Resolved! 2 ISP NAT question

Hello,

 

we have 2 ISPs . .

Static route with metric 10 for the 1st one and another static route with metric 20 for the second one .

We have 2 nat rules for LAN. 1st one is via ISP1  and 2nd is via ISP2.

So when we change the default route we need to reor

...

stef by L2 Linker
  • 2012 Views
  • 1 replies
  • 0 Likes

PA Destination NAT

I have a use-case that all subnets/VLANs should be able to access the server (192.168.4.4) via HTTP using the loopback IP address 192.168.6.2/32.

 

The PA firewall is the gateway for all the VLANs. I would like to confirm if this is possible? The sourc

...

Nikko by L1 Bithead
  • 2375 Views
  • 2 replies
  • 0 Likes

Resolved! Aplicação incompleta

Galera, boa tarde.

 

Estou com um problema bastante confuso, tento acessar um determinado site "HTTP" é recebo a erro (Não é possível acessar esse site), realizamos um teste fora da nossa rede é o acesso é realizado normalmente.

 

Analisando os LOGS veri

...

Lucaaslr_0-1620676620608.png
Lucaaslr by L0 Member
  • 2058 Views
  • 1 replies
  • 0 Likes

application

 

Guys, good afternoon.

 

I have a very confusing problem, I try to access a certain "HTTP" site and I get an error (It is not possible to access that site), we perform a test outside our network and the access is done normally.

 

Analyzing the LOGS, I fo

...

Lucaaslr_0-1620677681082.png
Lucaaslr by L0 Member
  • 2255 Views
  • 3 replies
  • 0 Likes

User-ID only tags IPv4 or IPv6 address in dual stack

I've got the User-ID agent installed on three servers and I've recently began enabling IPv6 internally and I've noticed a problem.  The traffic logs in Palo Alto only associate either the IPv4 address or IPv6 address of a machine with a username depe

...

Lcroce by L1 Bithead
  • 4447 Views
  • 3 replies
  • 1 Likes

can MineMeld be installed on ubuntu 20.04?

I'm getting this error, how do i get around it?

 

$ sudo apt install -o Dpkg::Options::="--force-overwrite" -y minemeld
Reading package lists... Done
Building dependency tree
Reading state information... Done
Some packages could not be installed. This m

...

Thyrion by L2 Linker
  • 4150 Views
  • 2 replies
  • 0 Likes

NGINX configuration for SSL Inbound Inspection

Hello everybody,

 

  I'm trying to enable SSL Inbound Inspection to decrypt traffic to an internal webserver that runs on NGINX. I have already added the server certificate and key, and set up the corresponding decryption policy. The problem is that th

...

grenzi by L3 Networker
  • 3674 Views
  • 2 replies
  • 0 Likes

Resolved! RHEL7 - /bin/sh ./configure Permission Denied

Hi all,

I'm installing minemeld-ansible on Redhat 7.
When i run this command:

sudo ansible-playbook -K -i 127.0.0.1, local.yml
i got this error:


`PLAY [minemeld playbook] ************************************************************************************

...

Resolved! PA-220 Size

dear all,

in my environment, we have 100 computers and 8 servers, one internet connection, maximum 10 or 15 users need VPN and we planning To buy PA-220 .

question: Does this device meets our needs? 

YOOG887 by L1 Bithead
  • 4725 Views
  • 7 replies
  • 0 Likes

trust-untrust common apps block user

Without giving any low level info

how would a person go about a blocking a single user, via policy, get blocked from trust-untrust common apps w/o affecting other users?

Create a policy above it? Or negate the user?

PA200-1 by L1 Bithead
  • 1708 Views
  • 1 replies
  • 0 Likes

Resolved! Migrating config from PA -500 to pa 220

I

Hi,

Planning for upgrading PA-500 to PA-220, Just wanted to be sure that if we download the current running config from PA-500 and import it to new PA-220 device, will that work? 
I am not sure if Importing configurations between non-matching hardware

...

Prelogon - PanCredGet

PAN-OS - 9.0.3

Global Protect 5.0.3

 

We are having problems with GPPrelogon. 

 

Logs:

 

(T7612) 07/22/19 15:20:16:670 Debug(5727): REGION-PRIO, region code is GB
(T7612) 07/22/19 15:20:16:670 Debug(10868): REGION-PRIO, save region code GB
(T7612) 07/22/19 15

...

BizBo by L2 Linker
  • 7997 Views
  • 3 replies
  • 0 Likes
  • 23750 Posts
  • 110 Subscriptions
Top Solution Authors
Top Liked Authors
Labels