General Topics

Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 776 Views
  • 0 replies
  • 0 Likes

DH - VPN

 

Hi ,

 

How can I allow multiple Diffie-Hellman (DH) group in IKE  & IPSec profile while creating a VPN 

 

hanuman by L0 Member
  • 2561 Views
  • 4 replies
  • 0 Likes

"export to CSV" - limit

What is the maximum limit on the number of lines to return? can it be increased?

want to know what they do during siesta? see for yourself on the spanish porno tube https://pornogratisaqu.com/

 

 

 

 

 

ducuxawi by L0 Member
  • 1704 Views
  • 1 replies
  • 0 Likes

Resolved! Can I use CA Root Certificate for Debrypting SSL Traffic?

Hello,

 

I want o start setting using Decryption Policy, to Decrypt & Intercept SSL (443) traffic from users when connecting to Internet.

 

I am wondering, can I use one of the well known Certificate Trusted, e.g., Global Sign by installing it on the Pal

...

mshamsan by L1 Bithead
  • 4489 Views
  • 4 replies
  • 0 Likes

Resolved! Ineffective IP spoofing protection

I have IP spoofing protection enabled on PaloAlto but it is not effective due to the following reason:

 

My external Interface IP is 1.2.3.1/24 . The spoofed attacks are coming from a fictitious source IP for e.g. 1.2.3.25 destined to 1.2.3.50(web serv

...

Resolved! Traffic Thourhg the intended Security Rule

Hello,

 

I have configured a new Security Rule on top (#9 in the picture down) to Block traffic intended to a Custom URL configured in the profile  Block_Files

* TOP RULE *

  • Source Zone:                     any
  • Source Address:              any
  • Destination Z
...

mshamsan by L1 Bithead
  • 3248 Views
  • 3 replies
  • 0 Likes

HA Active/Passive with Preemption

2 firewalls configured with HA active/passive, And enabled preempt on both of firewalls

Everythings find, can synchronize configuration and session

 

firewall-A is active-firewall with priority 100

firewall-B is passive-firewall with priority 120

HA timer

...

IKE SA negotiation is started as initiator, non-rekey

Hello :),

I have a problem with VPN from PA-220 to Azure. The logs show this information : "IKEv2 IKE SA negotiation is started as initiator, non-rekey. Initiated SA " 

Every change I made it always is this same error. Is there any way to resolve this

...

Lukaszm1 by L1 Bithead
  • 40912 Views
  • 9 replies
  • 0 Likes

System Logs

Hi,

 

Do we have any list of critical and high severity system logs? Like what are the examples of hardware failures, serious issues etc...

user-id-agent-sequence is invalid.

Hi Team,

 

I'm seeing configuration invalid when I remove user-id agent from palo alto firewall and not able to commit.

 

PA-220 PANOS version 8.0.3.  Same model firewall I have removed I can able to commit.

 

Only in this firewall, I'm seeing this issue.

 

...

Screenshot (500).png
  • 23985 Posts
  • 115 Subscriptions
Top Solution Authors
Top Liked Authors
Labels