This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4129 Views
  • 0 replies
  • 0 Likes

Resolved! Firewall Replacement/Upgrade

Hello,I am rather new to the Palo Alto FWs, and I am looking to replace 2 existing PA3020's in an HA pair with two PA3220 also in an HA pair. I've never done a full swap like this so is there any Best Practice recommendations and/or upgrade checklist for steps needed to perform this type of an upgrade? Also, I'm curious if I can swap one firew...

GreenA by L0 Member
  • 5122 Views
  • 1 replies
  • 0 Likes

Data Redistribution: If a PAN has it's self defined as an Agent - will it redistribute to it' self?

Hello Live Community,We want to create a template "base_config" which will program all PANs with the same User-ID, Group Mapping, configurations.Part of that would be defining the all PAN's Serial numbers as Data Redistribution agents.So my question is this:If PAN Serial 1234567890 has a Data Redistribution Agent for Serial 1234567890 on port 50...

Fusco by L0 Member
  • 2675 Views
  • 1 replies
  • 0 Likes

More information about SSL Decryption and PAN-OS 10.0

Hey guys, I just wanted to let you know that I have just blogged about "What is SSL Decryption" and wanted to call your attention to it. Please read it here if you have not already seen it: https://live.paloaltonetworks.com/t5/blogs/what-is-ssl-decryption/ba-p/342598 But I wanted to create this thread about that blog if you wanted to sit and...

jdelio by L7 Applicator
  • 4502 Views
  • 2 replies
  • 3 Likes

Resolved! Safe Port Scanning

Hi folks, When I perform a nmap port scan on my IP range protected by Palo Alto Firewall, almost every port responded to SYN scan. This is a known issue, as I found:Port scan report shows all TCP ports are openhttps://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClgRCAS If I want to successfully perform a port scan, the only...

tingmy by L1 Bithead
  • 7144 Views
  • 2 replies
  • 0 Likes

Ike Scan Against GlobalProtect Gateway

I'm testing (starting) my ethical hack skills and testing our GlobalProtect Gateways for vulnerabilities. I used the Windows ike-probe and Kali Linux ike-scan against a Cisco gateway with VPN services running. The ike-scan results are what I expected in receiving a response or acknowledgment of 1 returned handshake with the available ciphers. Th...

Site-to-Site VPN use PPPoE

Site-to-Site VPN with PPPoE Good afternoon, please help me to confirm if the following scenarios are compatible or not. - Palo Alto with Interface in DHCP mode ( with private IP - Typical example ADLS modem delivering a Private IP ) establish a site-2-site vpn tunnel with another Palo Alto with Public IP. -Palo Alto with interface in PPPoE mod...

Metgatz by L4 Transporter
  • 3127 Views
  • 1 replies
  • 0 Likes

globalprotect compatibility with F5-Edge client

Dear community! We are having some traffic issues when globalprotect and F5-Edge client run together. When established a VPN with both clients at the same time, there´s some traffic not properly routed through the the GP virtual interface, the same traffic works fine when connected only to globalprotect. Access routes for globalprotect is 0.0.0....

Carracido by L4 Transporter
  • 4075 Views
  • 1 replies
  • 0 Likes

VPN IPSEC PPPoE

Good afternoon, first of all, thank you very much for your support.I have the following scenario, and I ask for your support so you can help me to validate if its configuration is feasible: - Palo Alto ---Interface on Palo Alto WAN type PPPoE ( with Dynamic Public IP ) ----------Generate IPSEC VPN Tunnel------------ with Palo Alto with WAN Inter...

Metgatz by L4 Transporter
  • 3542 Views
  • 1 replies
  • 0 Likes

help having trouble connecting via PPOE in PA-220

I am trying to connect a our DSL via PPPOE and it will not connect. As described in the PA doucment the interfeace is tyring every 3 seconds but getting the following "PPPoE session was initiated for user:mark.ptjo9664@globelines.com.ph on interface:ethernet1/3" PPPoE session failed to connect for user:mark.ptjo9664@globelines.com.ph on interfa...

marksd by L0 Member
  • 2512 Views
  • 1 replies
  • 0 Likes

Resolved! Microsoft Intune Autopilot Problems

We have this Intune process that our team goes through every time a new PC is issued to the user. Essentially this is an autopilot program that after the client is wiped, it starts downloading programs that are pre defined in our Intune configuration package. Once all of these programs are installed the Intune process is completed successfully...

Screenshot 2021-04-20 170028.png
Screenshot 2021-04-20 170202.png
Screenshot 2021-04-20 170340.png
Screenshot 2021-04-20 170447.png
CCullhaj by L1 Bithead
  • 29808 Views
  • 8 replies
  • 2 Likes

Resolved! commit failure and PA admins

Hi Team, user 1 log into firewallDid config changes and hit it commitSay for some reason that commit failed.He did not check commit status and log outAnother user logged in he did his changesAnd when doing commit he selects his userName then will his commit work?

Access Management via GP and Tunnel vpn ipsec

Access Management via GP and Tunnel vpn ipsec Good afternoon, I have a question, please support me. I have the following scenario. Site 1: The main site as a Global Protect VPN concentrator and also as a central point of two IPSEC VPN tunnels.Site 2: Site with Dynamic IP ( PPPoE ) connected by an IPSEC VPN tunnel to the central site. The Palo Al...

Metgatz by L4 Transporter
  • 2687 Views
  • 1 replies
  • 0 Likes

Client Get drop call after they connect access the web based application trough Firewall

Hi Team, One of my clients used some web application call when they are able to log in from home by the general home router (without global protect).When some clients come to the office and into the firewall network LAN When they log in and Connect call to their customer that call is dropping or breaking they are able to listen to the customer c...

  • 24336 Posts
  • 124 Subscriptions
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks