General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

IKE Certificate Authentication Peer ID

Hi,

 

Im trying to setup a VPN connection using certificate based authentication. When Phase 1 tries to establish I'm getting the following error

 

Peer's ID payload ' IPv4_address:xxx.xxx.xxx.xxx' does not match certificate ID, Error: failed to get subj...

Are EDLs updating from passive device?

Dear community,

 

We´ve configured a couple of external dynamic list (IP and URL) on a local minemeld server and the passive device fails to fetch those lists.

 

Error obtained is: "Unable to fetch external dynamic list. Couldn't connect to server. Usin

...

Carracido by L3 Networker
  • 2253 Views
  • 2 replies
  • 0 Likes

HA1 and HA2 Links

Hi Guys,

I have configured each of my HA links to have backup links. I would like to know, are the backup links also sending and receiving traffic like port-channel in which both ports are active? Especially the HA2 if we want to have 20G or more link

...

Nikko by L1 Bithead
  • 2185 Views
  • 3 replies
  • 0 Likes

Resolved! GlobalProtect Split-Tunnel via cli.

I am trying to add the MS IP's via cli for split-tunnelling.

 

the documentation states the following...

set network tunnel global-protect-site-to-site <name> client split-tunneling access-route [ <access-route1>

 

but this is not working on 8.1.9

 

I can g

...

Mick_Ball by L7 Applicator
  • 5011 Views
  • 3 replies
  • 0 Likes

Resolved! updates.paloaltonetworks.com connectivity

hi all,

we have been trying to test our networks connectivity

to updates.paloaltonetworks.com and have been unsuccessful.

we tried ping to updates but it fails and also traceroute it also fails.

and when we tried from different networks all the coonectiv

...

Resolved! EDL dynamic list is URL access error

i  have created the new EDL  with this  URL  (http://panwdbl.appspot.com/lists/mdl.txtbut unable to fetch We have changed the service route with outside interface but the same issue was happening.

 

 

 

Joshan_Lakhani_0-1583264831448.png

Resolved! Palo alto networks licence

Hello,

 

I'd like to know if this fonctionnality need a licence GlobalProtect in PAN or not:

 

* VPN client for MAC OS , Windows XP and Vista 

* The third party: Apple iOS, Android 4.0 

 

I will be appreciated for all your helps 

 

 

Thank you 

RCHAIBI by L2 Linker
  • 3422 Views
  • 4 replies
  • 0 Likes

GlobalProtect: The server certificate is invalid

I am trying to configure GlobalProtect (hereafter: "GP") TLS VPN on a PA-3050 running PAN-OS 8.0.6-h3. I am working with a GP client version 4.0.5.

 

I have successfully configured GP so that I am able to connect when using a self-signed certificate

...

PPPoe connecting to Centurylink / Qwest

I am replacing ASA boxes with PA. Currently the DSL modems are set up in "transparent" mode. This means that the firewall makes the "call".

The ISP assigned a block of static IP's and at least in case of the ASA I do not need to specify anything else

...

A1_IT by Not applicable
  • 4729 Views
  • 5 replies
  • 0 Likes

PPPOE Not Establishing

I am trying to connect a Palto Alto (in Ebano, Mexico) via PPPOE and it will not connect. As described in the PA doucment the interfeace is tyring every 3 seconds but getting the following "'PPPoE session failed to connect for user:u1st on interface:

...

Sip ALG

Hi community,

I have seen lot of Palo Alto documents and some blogs saying about ALG functionality issue in firewall.
I am facing some issues randomly with ALG functionality in firewall, I have seen documents says to disable ALG in PA, but my sip serve...

HA Upgrade Path 8.1 to 9.1

I have an HA pair of firewalls on 8.1. Do I need to upgrade both to 9.0 and then 9.1 or can I upgrade one all the way to 9.1 and then the second from 8.1. to 9.1?

  • 24034 Posts
  • 102 Subscriptions
Top Liked Authors
Labels