General Topics

Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 197 Views
  • 0 replies
  • 0 Likes

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 879 Views
  • 0 replies
  • 0 Likes

Outside interface listening on HTTPS "502 Bad Gateway"

I have this odd issue whereas one of HA Pairs seems to be listening on 443 on its outside interface for GP but I don't use GP and never had.  I have a interface profile that allows HTTPS but not from any IP and when I disable that it still shows that

...

drewdown_0-1612816320888.png
drewdown by L4 Transporter
  • 2872 Views
  • 2 replies
  • 0 Likes

Resolved! Is JSON Based URL is configurable in Security Policy as EDL.

Hi Team,

 

Please confirm us can we configure JSON based URL as a EDL in Security policy on Palo Alto Firewall.

 

Herewith, I have provided you with the sample JSON Website for your reference. Please refer and share us with your valuable inputs.

 

https://

...

SahulH_0-1613372205367.png
SahulH by L3 Networker
  • 6849 Views
  • 3 replies
  • 0 Likes

URL wildcard Pattern

Hello everyone, I need to block URLs that have a word pattern/string, It is possible to restrict certain strings inside the name of a URL?? for example the word "good" inside the website "www.goodwill.com" to be blocked ? I already try with Wildcards

...

Destination NAT for Route base VPN

We have an requirement to set up a route base VPN, but remote proxy IP subnet clash with an existing remote subnet.

 

We are planning to use destination NAT, but not sure, how the routing will be controlled.

 

Please help to solve this problem.

Gurupada by L0 Member
  • 1731 Views
  • 1 replies
  • 0 Likes

Resolved! 5260 Z MGMT PROCESS AND APP/THREAT MISMATCH

Hi,

 

I am upgrading os for some 5260 this weekend however, just realised its showing app and threat mismatch. Upon t-ahooting I realised the management process on active firewall is showing Z defunct.

 

My understanding is that it is a Zombie process an

...

qasim02 by L2 Linker
  • 2704 Views
  • 2 replies
  • 0 Likes

Incompatibility Acrobat-GlobalProtect

Hi,

 

Customer upgrade Adobe to versión 21.001.20135 and Global Protect stopped working. Issue is th esame like this:

https://community.adobe.com/t5/acrobat/adobe-acrobat-reader-21-001-20135-preventing-users-to-connect-to-global-protect/td-p/11823885?pr

...

BigPalo by L4 Transporter
  • 2561 Views
  • 1 replies
  • 1 Likes

SSL Inbound Decryption Failing

hello, we are setting up SSL Inspection for inbound traffic but it is failing when clients try to access, we are getting unsupported protocol errors.  ssl labs shows the following issues around handshaking.

 

 

with SSL Inspection off we do not see thes

...

RyanJohnstone1144_0-1612884336341.png
RyanJohnstone1144_1-1612884421679.png

Panorama<->Firewalls connectivity issue

Hi all,

 

After I modify the route service and restore it to the state before the firewalls (2 HA firewalls  + PA220 ) are no longer connected to the panorama.

 

No changes are made on the network side between the two.

Panorama : VM (VMware ESXi) version

...

ayoubAitkhouya_0-1612712485559.png

URL Filtering Issue Through GlobalProtect

We are facing a issue in URL Filtering while connecting Palo Alto PA-220 via Globalprotect.

 

When I am using broadband connection to connect to my laptop to vpn then all the configured url filtering sites are getting blocked but when we connect it thr

...

KapilRoy by L0 Member
  • 2723 Views
  • 2 replies
  • 0 Likes

External Certificate Renewal

I can't for the life of me figure out the process to renew a certificate issued from an external CA.  We have a cert purchased from Thawte for our Global Protect gateway.  It will expire shortly and Thawte wants a csr file for the renewal.  Selecting

...

can we generate report for tunnel interface in ACC

We are using proxy solution for url filtering for which we have deployed ipsec tunnel with cloud proxy server.

If we are filtering ACC report for interface and zone we are not able to get proper utilization report. Hence we are trying to export report

...

Deepak_K by L3 Networker
  • 2081 Views
  • 1 replies
  • 0 Likes

LIVEcommunity January Rewind

Hi everyone! 

 

We are excited to share our first LIVEcommunity monthly recap with all of you! There are a lot of exciting things happening around the community, so we put together this News article sharing everything that you might have missed durin

...

agalindo by L4 Transporter
  • 2791 Views
  • 1 replies
  • 3 Likes
  • 24013 Posts
  • 115 Subscriptions
Top Solution Authors
Top Liked Authors
Labels