General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! commit failure and PA admins

Hi Team, user 1 log into firewallDid config changes and hit it commitSay for some reason that commit failed.He did not check commit status and log outAnother user logged in he did his changesAnd when doing commit he selects his userName then will his commit work?

Access Management via GP and Tunnel vpn ipsec

Access Management via GP and Tunnel vpn ipsec Good afternoon, I have a question, please support me. I have the following scenario. Site 1: The main site as a Global Protect VPN concentrator and also as a central point of two IPSEC VPN tunnels.Site 2: Site with Dynamic IP ( PPPoE ) connected by an IPSEC VPN tunnel to the central site. The Palo Al...

Metgatz by L4 Transporter
  • 2747 Views
  • 1 replies
  • 0 Likes

Client Get drop call after they connect access the web based application trough Firewall

Hi Team, One of my clients used some web application call when they are able to log in from home by the general home router (without global protect).When some clients come to the office and into the firewall network LAN When they log in and Connect call to their customer that call is dropping or breaking they are able to listen to the customer c...

PA-3020 interfaces not coming up

I have a PA-3020 that was taken out of production several months ago. When it was removed, everything was working. Since that time, it has been sitting on a shelf. I decided to get it out today, and try to set up a small lab. I consoled in to the device, and performed a factory reset. Next, I connected to the management interface, and went to th...

R2dTOO by L0 Member
  • 4495 Views
  • 2 replies
  • 0 Likes

Authentication Policy other ports confusion

We just started looking into authentication policy and while testing it works for web services but what about any other services rdp/ssh/or anything else. The BPA document says we should set authentication policy to Any, but doing that SSH in our test gets blocked, with a auth-policy-deny, and there are no redirects for SSH. Also if the user in...

raji_toor by L4 Transporter
  • 3889 Views
  • 2 replies
  • 0 Likes

URL Risk Rating Discrepancies

Why the URL category for sync.predictive.com and mail.eventss.com is High Risk in PA firewall but in Test A URL site it is Low Risk?I assume I should follow what is shown on firewall and disregard A Test site for good measure. But what is the cause of the difference?

PA.png
Test A.PNG
RVizcarra by L4 Transporter
  • 1948 Views
  • 1 replies
  • 0 Likes

Netflow is not working

Dear Team, Netflow hasn't been working. When we enable and disable Netflow on an interface our SolarWinds server receives a tiny bit of Netflow traffic but then stops again. Netflow traffic is however leaving the firewall and destines for the SolarWinds server. We have not found any drops in the PCAP. We found some error in the global counters, ...

VishnuPS by L3 Networker
  • 3370 Views
  • 2 replies
  • 0 Likes

PANOS firewall Upgrade from panaroma Error

I have paloalot firewall that is managed via panaroma. The firewall doesn't have internet connectivity and only panorama does. On the panaroma I have downloaded both the 9.1.0 base and 9.1.9 maintenance version. When trying to install 9.1.9 from panaroma I get the below error. Image uploaded. Installation initiated. Loading into software manager...

Djanju_0-1626189845109.png
Djanju by L0 Member
  • 4369 Views
  • 5 replies
  • 0 Likes

EDL for Specific Azure IPs/Tags Using Minemeld

I'm looking for a way to use the JSON file from Microsoft which lists Azure IPs and services tags (https://www.microsoft.com/en-us/download/confirmation.aspx?id=56519) to create an EDL. However, I only want to include the IPs for Storage.EastUS2 in the resulting EDL. I've seen reference to a prototype called azure.public-cloudIPsWithServiceTags ...

invalid syntax delete rulebase security rules (rulename)

Hello There, I am running PA-OS 8.1.19. i attempt to delete a security policy via CLI, However, I get an error of Invalid Syntax. Does anyone know what did i miss.i looked at several docs and all indicate i am using a correct CLI command Login to the PAN via console (serial) PAN>configurePAN#delete rulebase security rules LANInvalid Syntax.[e...

KurdTech by L1 Bithead
  • 5714 Views
  • 6 replies
  • 0 Likes

Static Redistribution to BGP

Hi All, I need some help/advice as I am unable to achieve the wanted results.Scenario: a) I have 2 PA firewalls sitting on separate DC operating independently.b) I would like to add a static route on PA (DC1) and as long as the path monitoring for that IP is up the route should be added to the redistribution to BGP which is controlled using a pr...

kanes39 by L1 Bithead
  • 2691 Views
  • 1 replies
  • 0 Likes
  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels