General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Join the Fuel User Spark Event on March 19: Dealing with Threats !

 

Join us at the Fuel User Group Spark Event on March 19!

 

Get ready to ignite your cybersecurity knowledge and connect with industry experts at our upcoming Spark event hosted by the Fuel User Group. Whether you're a seasoned professional or just

...

kiwi_0-1709893724672.jpeg
kiwi by Community Team Member
  • 279 Views
  • 1 replies
  • 2 Likes

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question. Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

JayGolf_0-1691518400714.jpeg
JayGolf by Community Team Member
  • 3159 Views
  • 2 replies
  • 14 Likes

Multiple SAN on SCEP profile

Hi,

Is there a way to define multiple SAN names in SCEP profile?
We are trying to use SCEP for management access certificates for PAs in HA but with one certificate for both with both hostnames in SAN fields.
I don't see a way to enter more than one, I

...

CITNetwork_0-1700576009821.png

Meraki behind PA - Unfriedly NAT

Hello community,

 

another person with the problem. I know, I know. Finding a solution to this problem is obviously not easy.

 

I have a problem with a Meraki cluster behind a PA cluster.
The problem is the familiar “Unfriendly NAT”.
I just can't figur

...

No Logs for matched rule

Hello everyone,

 

We are facing a strange problem with one of our PA-220.

I created a rule to allow all traffic between 2 different zones with our default log settings. The problem is that I only see a hand full hits and nothing in the traffic log.

Y

...

Website Access Issue from one of branch office

Hello All,

We have PA-850 implemented across the sites (4 sites), there is a URL www.crunchydata.com is not accessible from one of Branch Office in US, while there is no issue accessing same URL from other branches. However

- i have checked and confi

...

ECMP Single Interface

I have an HA pair of firewalls in my data center. I have a single ISP that provides two routers for internet access. I use HSRP on those routers, which obviously share the same subnet on the inside interface that connects to the outside interface of

...

create a new Vsys queries.

Wish to configure new VSYS, will it cause any issue while configuring?

 

Do we need to reboot after enabling Multi-vsys opention?

Will it will cause network disruption over default VSYS1?

· Will it will affect the functionality of Access Control Poli

...

IPSEC VPN tunnel

We have a site to site VPN tunnel that fails when the vendor side tries to Re-Key. We are seeing no U-Turn policy blocking them. We can ReKey from outside without issue. 

 

1. Has anyone seen this issue previously and been able to fix it?

2. Does any

...

Palo Alto Application ms-office365-base not working

Hello Everybody,

 

i thought i try the community for a change with my problem.

One of our departments recently asked for a policy change, so their server could access a ressource in the internet.

The rule is as simple as it gets. Source is their Serv

...

Matching HIP in Decryption Policy

Anyone doing this? It is configurable in the policy itself but isn't referenced in any documentation. The firewalls seem to ignore the HIP profile configured in the decryption rule when matching/not matching traffic. 

 

When I configure the rule to mat

...

ccscott by L2 Linker
  • 4221 Views
  • 11 replies
  • 0 Likes

Log forwarding profile for Correlated Events?

Hello all,

 

It appears that we have had at least a single correlated event in the past seven days, but did not recieve any alert related (via any configured log forwarding profile).

 

It appears the each match that was correlated did perform a log actio

...

  • 24089 Posts
  • 99 Subscriptions
Top Solution Authors
Top Liked Authors
Labels