General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

VM-100 under Dell PE2950 - and new suitable HW...

Hi

We have had a VM-100 under VMWare 6.5 ESXi on a 32Gb Dell PowerEdge 2950 for a few years now.  We serve a 250 students' high school with dorms so the FW works around the clock...  Throughput has been ok with few complaints, but when I checked the m

...

PE2950-VM100.png

Clientless VPN

Hi Team,

 

Iam  facing the issue with clientless VPN when I  open the application and checked  the some tab in application they are not loading. when i take the packet capture i found lot of error" Ignore Unknown records".

 

TAB are not Loaded.

 

 

 

Joshan_Lakhani_0-1604516773282.png

KnowBe4 Phishing Training and WildFire testing

My company uses KnowBe4 for email phishing training.  During our current campaign we discovered that test emails were getting opened and attachments or hyperlinks were triggered identifying a test failure.  This happened when the user could not have

...

Resolved! panorama HA sync

The physical firewalls was relocated and renamed from FWDAN-BYTWAN01/02 to FWSCO-BYTWAN01/02 with new mgmt. ips.Then we removed and added the firewalls back to one of the Panorama (vaemp-pan01) which was active that time. But the other panorama (vaal

...

MineMeld and Prisma Access API

Hello everybody,

 

has anyone ever worked with MineMeld and the API to Prisma Access.

There is this PrismaAccess (https://github.com/PaloAltoNetworks/minemeld-prisma-access) API extension for MineMeld (I know it is only experimental) but I would like

...

jschwier by L1 Bithead
  • 2218 Views
  • 1 replies
  • 0 Likes

Issue with PBF Symmetric Return

We are running PanOS-10.0.2 on our PA-220 and we are having an issue with a PBF rule which seems to be denied even though it should match the traffic.

 

The setup:

2 WAN interfaces:

  • Primary = PPPoE interface on ETH 1/5. Route is added to router when PPPo
...

2020-11-02 15_06_01-Window.png

Need to Allow Video-Streaming from Specific Website

Hello Dears,

 Requirement:- I want to allow only some educational videos (educational videos belong from training and tools URL category) for my environment.

Below i have tried:-

  • I have checked all the streaming videos played on YouTube or any the strea
...

HA cluster

Hello, Can you form a HA cluster with a PA-3020 and PA-3060? Or do models have to be identical?

 

 

 

 

 

qoduxobi by L0 Member
  • 1610 Views
  • 1 replies
  • 0 Likes

Resolved! About APP-ID icmp and ping.

Hi guys.

I have question about APP-ID that ICMP and PING. I found that some document said "ICMP is all of icmp procol and PING is only ICMP type 0 and 7 is echo request and reply".

When we have white list security policy, For open a PING application, S

...

ttongfly by L3 Networker
  • 6670 Views
  • 4 replies
  • 1 Likes

Adding L3 to vWire PAN

I currently have a PAN 3220 sitting in serial behind a Cisco ASA. The PAN's doing the higher level inspection, geo, correlation warnings, content filtering. I had written earlier on the forum about wanting to implement layer 3 on new interfaces and i

...

palomed by L3 Networker
  • 2257 Views
  • 2 replies
  • 0 Likes

Resolved! Certificate ca status from the CLI

I have successfully loaded my device certificate and a CA certificate from the CLI - took some seraching for format of the certificate strings, but they're in there now. 

One problem. 

In a firewall I have previously set up I show (in set format) the c

...

Palo Alto OSPF routing./wild card mask configuration.

Folks,

For OSPF configuration on the Cisco router, we normally define a wild card mask. 

 

e.g. network 1.1.1.0 0.0.0.255 area 0.

What this configuration tells the Cisco router is to form OSPF neighbor with all IP address that being with 1.1.1.x IP addre

...

nson2139 by L3 Networker
  • 2047 Views
  • 1 replies
  • 0 Likes

Trouble with multiple IPsec VPN Tunnel

Hi all,

I'm a fresh man to paloalto devices and I'm facing a problem.

Site A has a subnet 192.168.100.0/24. Site B has 192.168.40.0/21. Both sites use PA820.

Site A has a IPsec tunnel to Site B. This tunnel is running good.

Now we have a new Site C, 192.

...

mercurr by L1 Bithead
  • 4426 Views
  • 6 replies
  • 0 Likes
  • 23591 Posts
  • 103 Subscriptions
Top Solution Authors
Top Liked Authors
Labels