General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! Can PA-1410 run on PAN-OS 10.2.x?

All our existing PA-5220, 850, 440, and PANO are running 10.2.x. Can the PA-1410 be downgraded to that version as well? Out of the box it came with 11.1.4-h7.

Hue by L0 Member
  • 1282 Views
  • 2 replies
  • 0 Likes

Resolved! Site-to-Site IP Sec - PAN 220 [Static IP] to CradlePoint [Dynamic IP]

Does anyone have experience setting up an site-to-site IP Sec tunnel between a PAN firewall with a static IP address and a CradlePoint with a dynamic IP address? I am trying to determine if there's a way to setup the IP Sec tunnel between the 2 endpoints without having to pay a 3rd party for DDNS service.I tried setting the firewall peering to ...

Show Hard Drive information

For an audit, I need to know the Make/Model/Serial Number of the internal HDD. I cant seem to locate the appropriate show command on a PAN device...any ideas?Thanks much

FAIL TO PARSE SECURITY POLICIE

Hi guys I`m having a big problemWhen i try to commit my security policies show this erro.Details:· Error: Failed to find address '10.2.69.100 '· Error: Unknown address '10.2.69.100 '· Error: Failed to parse security policy· (Module: device)· Commit failedSomebody help please!

Thiago by L3 Networker
  • 4782 Views
  • 3 replies
  • 0 Likes

Customize Global Protect app/response pages

Hi, I would like to customize portal web GP. The main web where you add your credentials and the enxt web where you can download the client. Is that possible? I saw you can import web for portal GP web in DEVICE-> Response pages, but i would need the current web to edit and customize where can i get it? On the another hand, Is it possible...

BigPalo by L4 Transporter
  • 1270 Views
  • 3 replies
  • 0 Likes

Inquiry Regarding Conversion of Unused PCDRA Voucher

Hi, I would like to inquire if there’s any option to convert my PCDRA exam voucher into a voucher for a different but related certification exam. I currently have a PCDRA voucher, but since the PCDRA exam appears to have been retired, I’m unsure how to proceed or make use of this unused voucher. Any suggestions or guidance on this matter would b...

Resolved! How can I test a ldap server that is healthy or not?

Dear all We need to replace our old ldap server config to a new ldap server on PA firewall and panorama, I want to know if I add a new ldap server config on PA firewall and panorama, how can I test the healthy of the new ldap server? I try to use telnet command to connect the new ldap server's 636 or 389 port, but I found there is no tel...

Resolved! No Valid DNS Security License - Resolved

We did a trial of DNS Security, after its expiration pushes from Panorama failed with warning "No Valid DNS Security License" Did a fair bit of searching, only real suggestion was here, that said to set all DNS Policies to Allow, that did not resolve the warning. Tried setting DNS Signatures to Default, still same commit warning. Poking around...

Resolved! "-base" applications and how they relate to non-base applications

The term "base" makes this impossible to search for because "application-based" and "port-based" shwo up everywhere. I am not finding an answer in any documentation yet. So, please help me clarify. If I specify the application to be one with the suffix "-base" does that mean it includes all the specializations, or does it mean it is only includi...

Odd behavior around ISP Failover with Static Route Path Monitoring

Hi, I had an unexpected situation occur recently with regards to failover behavior on static route path monitoring. We have 3 ISPs, and this past weekend 2 of them went down at different times (hooray). For the purposes of this post, I will be talking about one of them. Interestingly, the path-monitoring worked when the failure event occurred - ...

image.png
ihealey by L1 Bithead
  • 8355 Views
  • 4 replies
  • 0 Likes

Resolved! IPSec VPN not getting any response from peer

Hello, i'm having a weird problem with an IPSec VPN on my Palo Alto. This morning tunnel was working fine, but after mistakenly denying ike and ipsec requests on my firewall, the VPN went down. I obviously did a quick rollback and peer IP is now allowed to request IPSec and IKE. However the VPN won't go up again (other VPN with similar con...

christopheguengant_1-1747859953364.png
christopheguengant_3-1747860298749.png
  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels