General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! commit error

today i got commit error 

 

Client websrvr requesting last config in the middle of a commit/validate. Aborting current commit/validate.

 

Commit failed

 

 

 

Fix was i just need to run the commit again.

Need to know why this commit error occured?

MP18 by Cyber Elite
  • 3315 Views
  • 2 replies
  • 0 Likes

Setting All traffic of a specifif URL to the primary ISP

Hi Everyone!

 

How will I set all traffic from https://www.siteground.com/  to my primary ISP? Because Currently we have two isp and running in a balanced round robin. The issue is whenever we go to the website it shows an error  "Due to ip changed ins

...

AVITUTS by L0 Member
  • 1585 Views
  • 3 replies
  • 0 Likes

PBF state is dicard

I have 2 internal test IPs, 172.16.16.2 and 172.16.16.3. These 2 IPs are respectively PBF, which implements different paths. And these two IPs have done two-way NAT. Map them to a public network address. 
The problem that arises now is that 172.16.16.

...

pbf-rule.png
pbf-config.png

How to make PA side as intiator for VPN with Azure

We want to make Palo Alto side as intiator for VPN with Azure .

 

Currently we have IKE settings as aes256,3des , sha1 sha256 and group 2 .

with lifetime less that azure standard 28800

 

still we are seeing PA acting as responder.

 

Basically issue is with

...

Resolved! minemeld-web FATAL, CENTOS Latest Dev Edition

I performed a recent git pull and performed the standard upgrade due to we were having issues on the edition we were on. However the minemeld-web will not load. I tried the revert back to pip 9.0.3 command for others having the with no luck.

When tryi

...

WilliamT by L0 Member
  • 3295 Views
  • 2 replies
  • 0 Likes

Top urls by Bandwidth for a user

Hi Everyone,

This is probably a very simple task, however i am not getting the result I am after.

 

I am trying to create a report that shows me the top URLS by bandwidth for a user for the last 7 days

, in the User Activity Report ( predefined) it shows

...

Resolved! Destination NAT

Hi there,
I have few URL acessible publicy one of them is WWW and HTTPS. I have dedicated HTTPS URL(xyz.com) however all other www URL(abc.com) is also accessible though https and redirecting to that https url(xyz.com). i am not sure what i am missing

...

Resolved! SSL Certificates import

Hi All,

 

I need to import some SSL certificates for a Global Protect instance. Customer has already supplied me with their wildcard certificates which I have imported but I cannot select them when creating an SSL/TLS Service Profile. Can I set up this

...

a.jones by L3 Networker
  • 2133 Views
  • 2 replies
  • 0 Likes

SSL Outbound decryption - Outbound traffic

Hi There, I need your inputs to implement SSL Decryption, currently we have Proxy Server - WSA and same is configured at all end users explicitly. WSA Doesn't have ssl decryption. Hence we would like to deploy ssl decryption at perimeter firewall pal

...

upgrade 7.1 to 8.1 ha pair and panorama

Hello,

 

I'm going to upgrade pa 5020 *2 and m 500 to 8.1.9 from 7.1.18.

 

My plan is:

Upgrade 8.0.19 M-500

upgrade 8.0.19 passive

upgrade 8.0.19 active

upgrade 8.1.9 M-500

upgrade 8.1.9 passive 

upgrade 8.1.9 active

Log migration for M-500

 

My concern is when I

...

yhlee1 by L2 Linker
  • 2891 Views
  • 3 replies
  • 0 Likes

Resolved! Source MAC address white-list filtering on the PA-220?

Hi all, I am new here so sorry  if this is in the wrong place.  At my work place we  have a new single   PA-220 firewall router that I am configuring to be used  as a router/gateway out for SIP traffic. The IP phones will use a interface on the PA-22

...

eveares by L1 Bithead
  • 8582 Views
  • 2 replies
  • 0 Likes

Resolved! GlobalProtect Event log

Hi, I am trying to trigger a GPO event in Windows Task Scheduler on the event when someone connects to global protect.


Does anyone know where I would find that?

acura771 by L1 Bithead
  • 6600 Views
  • 10 replies
  • 0 Likes

Resolved! Cant find option to take ACE exam

Hello

 

i had been trying to take the ACE exam but i couldnt find the option of ACE in the learning center, only PCNSE and PCNSA.  I actually wanted to take the ACE since im working for a partner of Palo Alto and ACE is needed to take PCNSE directly af

...

Top Solution Authors
Top Liked Authors