General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! Users connected to external gateway

Hello, Recently one of our customer did a GP agent upgrade from 4.1.4 to 5.2.4 Now we have configured two GP gateways external and internal. The problem customer is facing is users are always connected to external gateway even if they are on internal network. This was not the case before upgrade . Anyone please help.

Resolved! How to add nodes

Hi all, I'm new to in using MineMeld. I have configured installed and configured it on Ubuntu 16.04.I would like to configure miners but I don't know how to start with it. Through the internet I have found this page minemeld-node-prototypes/bruteforceblocker.yml at master · PaloAltoNetworks/minemeld-node-prototypes · GitHub and would like to ...

ZEBIT by L3 Networker
  • 4742 Views
  • 3 replies
  • 0 Likes

Access rule simulation

Does anyone have any idea how we can do access rule simulation from monitoring logs in PAN 820. Any automation or tool recommended?

ZTP Models can be deployed as a traditional models?

Hello guys, I want to know if someone has seen this behavior with Port Management Configuration on ZTP NGFW Models ... The IP address, Netmask and gateway shows an incorrect value 0.0.0.0 or Unknown, but the CLI shows the correct configuration parameters. We previously performed a "request disable-ztp" besides "Disable Device and Network Templat...

egarantiva_1-1616164599996.png

Resolved! Using scripting mode to modify existing security rules

Hi, I was wondering if anybody has experience working with the scripting mode in the way I need.Using the following commands, it is possible to add a single application or service to a rule:set device-group INTERNAL post-rulebase security rules SEC-APP application [ ssl ]set device-group INTERNAL post-rulebase security rules WEB-APP service [...

Resolved! Email subject line is truncated or shortened after upgrade to 9.1.6

As I upgrade firewalls to 9.1.6 (from 8.1.x) I am noticing that the subject line for emails I receive (typically System messages) appears to be intentionally truncated. This is not display issue with outlook. If I open the email the subject line still ends in '...' The problem is I have custom email rules that filter on the subject field and now...

ChrisIsett_0-1619785033940.png

Always-UP IPsec

The ipsec-tunnel comes up only when there is interesting traffic destined to the tunnel or when the tunnel manually initiated.That leads to problems in our monitoring. I'd like to ask if there is a workaround to make the VPN always-up without need to enable tunnel monitoring. Because tunnel-monitoring must verify connectivity to an IP address fr...

aabozaid by L1 Bithead
  • 7254 Views
  • 3 replies
  • 0 Likes

Global Protect not working with Big Sur on PA 820

Hi all, I Use Global Protect version 4.13 on a PA 820 Os 10.0, after updating my Mac to Big Sur i vant connect to the Palo anymore.The strange thing: when i use the same Mac to connect to another Palo in our domein it works.The error: failed to get client configuration. The GP works with other device on my account so i know for sure the connect...

Resolved! Registration now open - Interactive Event!

Hi everyone, If you haven’t already seen, registration is now open for our first interactive event all about the Best Practice Assessment (BPA) tool! You will be able to connect with subject matter experts, share best practices, and learn how this tool can improve your security posture. Register here. I’m registered and can’t wait to see ...

jdelio by L7 Applicator
  • 4494 Views
  • 3 replies
  • 1 Likes

Resolved! EDL in vsys environment

Hello, We have a pair of 5250 running PANOS 8.1 with 125 vsys. We want to deploy EDL to block well known attackers. My understand is the EDL has a limit of 150000 entries for IP list. If I create a shared EDL (type IP list) with 10 entieres and create 2 panorama shared security rules for inbound and outbound for all 125 vsys. Is that count as...

VPN socket closed

Hi All, I have a user who connects via a thin client with GP to our network. Actually we have around 50 users, but this one user has many problems. She gets disconnected multiple times a day. She tried multiple connections: her current residence with both wifi and cable, at her parents, both cable and wifi (2 different cities), and mobile data f...

olloczky by L1 Bithead
  • 5928 Views
  • 5 replies
  • 0 Likes

Does it work even if I install different models of PAN-OS?

Currently, we can download the PAN-OS Software Image of the PA-200, 800 and 3200 series from CSP.Does it work even if I install different models of PAN-OS? For example, the case of upgrading by installing PAN-OS 7.0.1 downloaded from PA-200 to PA-3050 with PAN-OS 6.1 installed. please answer about my question. Thank you.

  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels