General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 270 Views
  • 0 replies
  • 1 Likes

Slow Google searches on 9.0

Recently we changed to 9.0 code.   We are running decryption on our firewalls.   I've seen some very slow google searches recently, and a few errors when searching all while  using chrome.  Eventually the page will load the search if I wait long enou

...

Sec101 by L4 Transporter
  • 12010 Views
  • 23 replies
  • 0 Likes

Resolved! Delay on initial connection with globalprotect session

I have a vm-100 on azure. I configured it to route all traffic from globalprotect client, no split tunnel.

 

I noticed that when I browse a site, the initial connection takes about 5 to 10 second to show the first page but it's fine after the initial c

...

Overlapping destination subnets over IPSEC

Hello,

I have following scenario. I have a two IPSEC connections to Oracle Cloud. The destination IP range is the same on both networks.

IPSEC A - dest IP range 10.1.6.0/24, security zone Oracle1

IPSEC B - dest IP range 10.1.6.0/24, security zone Oracle

...

General - PA 5220

Hi

 

I have in logs this message

Type - SYSTEM

Subsystem - General

opaque: Number of hints on disk has exceeded 5000 due to log forward failures.

 

Someone may have had this error ?

 

Mr.P

 

Resolved! VPN remote desktop connection deep inspection

Hello Bros,

              In our deployment we had to give access for few employees to ms-rdp to their work PCs to do remote work staff.

recently we started to receive some complains regarding connections for all rdp's and other collaboration services

...

File blocking not happening

Hi team,

 

I have a file blocking profile for upload direction for all type of applications and file types.

I am using Decryption as well, Only in Google Drive File blocking is happening in so weird manner.

Pdf's and jpegs are getting blocking if only th

...

Subinterfaces on Hyper-V

Hello,

I tried to set up PA -100 VM on hyper-V but I have a problem with trunking. I have to have configure subinterfaces on the Palo VM site. I added tagged VLANs on the switch side but I can't configure this to work on the hyper-V side. Meybe someon

...

Resolved! Static IP configuration

I have some question regarding static IP given by ISP and how to configure it on the firewall as the external interface IP.

 

ISP has given me IP of X.X.X.120/27.  Next hop gateway is X.X.X.97

 

How would you configure this on firewall, because the other

...

ce1028 by L4 Transporter
  • 3700 Views
  • 3 replies
  • 0 Likes

Unable to disable HTTP & TLS evasion

Hi Team,

 

I have enabled antispyware allow profile for HTTP & TLS evasion, but still we are getting alert log, any reason. How to fix this.

 

 

 

 

 

Configured above setting, please help to solve this issue.

rbabu0_0-1608216677507.png
rbabu0 by L1 Bithead
  • 1817 Views
  • 1 replies
  • 0 Likes

Resolved! How to connect users to their domain via GlobalProtect

Hello,

 

We need a solution to join the users first to their Domain via Global Protect and after that client MUST be able to reset/change their password.

We were thinking of using Pre-logon, however, this requires machine certificate and customer is not

...

Master key problem on a PA-220

I have a standalone PA-220 on v9.1.6 and I'm trying to set my own master key on it. I'm getting this error:

 

Operation Failed request -> master-key -> on-hsm unexpected here request -> master-key is unexpected request is unexpected

 

It looks like it th

...

ccvega by L1 Bithead
  • 2051 Views
  • 1 replies
  • 0 Likes

security policy source user strange behavior

Hello

I am using ldap users as source user in security policy.

The policy defines who can access http-service and https-service to the internet.

After the Firewall there are about 500 PCs and about 10% PCs stop to browse the internet every 20-30min, pre

...

Inter VR Routing

We have a PA 3220 with two VRs, one VR is TEST and the other is VR is PROD.

Each VR has a public facing interface, eth1 is PROD Andy its IP Address is 103.143.195.245/32 and eth2 is TEST with an IP address of 166.206.187.82/32. There are internal and

...

Chopper by L1 Bithead
  • 4358 Views
  • 4 replies
  • 0 Likes
  • 23634 Posts
  • 107 Subscriptions
Top Liked Authors
Labels