General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

JayGolf_0-1691518400714.jpeg
JayGolf by Community Team Member
  • 868 Views
  • 1 replies
  • 8 Likes

ACC tab "Applications using Non Standard Ports"

Hi PA Live Community,

 

Still a newbie to the whole PA world but slowly getting there.

When looking at the ACC tab of the GUI I can see there are entries for  "Applications using Non Standard Ports" and also  "Rules allowing Applications on Non Standard

...

Rule Screenshot.JPG
ACC Screenshot.JPG

Testing non-http mfa feature with GP

Hi there.

 

Documentation is rather slim here. I've set ut MFA for web site access, and it works. When testing it for non-http, accessing a SSH server, it kills the SSH connects, but no 2FA challenge on my GP. 

 

What am I doing wrong? What's needed?

 

I'v

...

gtomte by L3 Networker
  • 9695 Views
  • 11 replies
  • 0 Likes

Resolved! HA1 Backup Down - PA220 9.0.4

Hi All,

I have followed the PA design for creating an HA Active/Passive pair of PA220s.

 

I see however that HA1 Backup is showing red/down.

 

Attached are the relevant sections and a High Level Topology of the HA setup.

 

Any advice?

If I reboot the active

...

HA Screen 2.JPG
HA Screen 1.JPG
HA Screen.JPG
PA Topology.JPG

Resolved! SSL Decryption URL and App Filter

Hello everyone,

I have to block some URLs and applications as per our company policies. Since we dont have a general rule from the inside zone to the outside (Internet), we are very restrictive in our access to the internet, and since there are some w

...

joseglez by L1 Bithead
  • 3040 Views
  • 2 replies
  • 0 Likes

SD-WAN policy name not showing for ping application

In our demo SD-WAN setup we have a couple of SD-WAN rules for ping traffic and also a catch-all rule for all unmatched traffic. For most of the tested applications everything is fine. But for ping (and traceroute) the SD-WAN policy name field in traf

...

santonic by L6 Presenter
  • 1901 Views
  • 0 replies
  • 1 Likes

Resolved! Outbound RDP access

I just heard one of my coworkers saying we need to block outbound access to RDP, I didn't have chance to follow up with him what him because of COVID-19.  I am trying to to understand what would be the reason, is that a best practice possibly?

 

 

Amin2 by L1 Bithead
  • 3960 Views
  • 4 replies
  • 0 Likes

FIPS 140 and CC enabling?

Couple of questions on FIPS.

 

  1. When you enable FIPS140 on a Palo it wipes the device. Can you just reload your last saved?
  2. Can a FIPS140 enabled device talk to a non-FIPS device over an ipsec tunnel provided the cyphers are compatible?
  3. FIPS disables PAP.
...

HA for 3250 FW throught VXLAN

Hi everyone!

I have an interesting case. My topology is:

PA 3250 HA1------> Nexus 9000---------------VXLAN Overlay-------------------- Nexus 9000--------> PA 3250 HA1

                               vlan 2201                                             

...

Rdp windows

Hi,

is it a good idea giving access to public windowd  rdp ?.

Folks says do not publish outside 

Any good reason for this ?

Thanks

 

simsim by L4 Transporter
  • 5733 Views
  • 11 replies
  • 0 Likes
Top Solution Authors
Top Liked Authors