General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Blue screen on Windows 10 after GlobalProtect 5.2.4

Hi team, I've been facing the following issue. I did an upgrade in the GlobalProtect version (from 5.1.8 to 5.2.4). And it worked normally but, I saw in 3 specific laptops that, when the user installs the app on his laptop, the laptops start to see bluescreens and restarts. And then the user's support team removes the app and goes back to normal...

Cannot ping ethernet1/1 in PA_VM

Hi PA_VM installed in ESXi. PortGroup1 is connected to PA management interface. and Portgroup2 is connected to ethernet1/1. PC1 in Portgroup1 can ping the PA and visit it via GUI using management interface 10.0.10.16. Security zone is setup for ethernet1/1 with ip address 10.0.20.16. PC2 with ip address 10.0.20.10 is connected to Portgroup2, but...

PAFrank by L2 Linker
  • 2785 Views
  • 2 replies
  • 0 Likes

Dual ISP Active/Active Best Practice?

Hi all, We are in a situation now where we are trying to effectively configure our new dual ISP circuits in our primary location. Our initial thought was we would leverage these circuits using PBF and manually govern traffic flow. Ex: All video traffic to streaming-service, go out ISP-A. All web traffic, use ISP-B, etc. We were looking at PBF to...

VM300 Live Migration - MS HyperV S2D - MAC Address/ MAC Spoofing

We have a 4 node Hyper V S2D cluster with a single VM300 appliance. We have been able to successfully live migrate the VM from node to node without any issues.We are in the process of modifying the North / South network fabric. I have successfully update the network on 3 of the 4 nodes. When I went to do the final node (the node that the VM30...

Resolved! NAT over IPSec tunnel.

hello all I have an IPSEC tunnel with ASA(99.1.1.23<> 123.2.4.105), the tunnel is UP but the source client is not able to access the destination server.The proxy ID on PA side islocal: 1.1.1.1remote: 2.2.2.2 both sides are using nat for the client/server behind the FWsthe source client IP is 10.10.10.10(NAT to 1.1.1.1) and the destination ...

DongQu by L2 Linker
  • 16517 Views
  • 8 replies
  • 1 Likes

Resolved! Global protect External gateway in remote user time format issue

In global protect I want to see the Total number of user are Login in and Log out at which time. In Global-protect Gateway when i click on remote user i see current and previous user connected to through VPN. When i fetch PDF/ CSV file. In file the time it will see correct but when i downlaod this file the format is change like 15182019 for lo...

Resolved! How to give supply to PA220 R

We want to power on PA220 R , but it requires DC power supply.Is there any options available in market to provide DC supply to this model ?Can we use SMPS for DC supply ?Can we get AD to DC power adapter from Palo Alto Networks ?

Deepak_K by L3 Networker
  • 4024 Views
  • 3 replies
  • 0 Likes

New GlobalProtect VPN connected but network connectivity lost after short time

Hi all, Something must have gone wrong in my config I just don't know what. Here is the situation. This is a new setup on PA-820 we have the GlobalProtect license. Some users including myself will connect to the vpn fine, access resources on the network and within a minute or so the network resources will just drop and fail, no status change ...

KJames by L1 Bithead
  • 18477 Views
  • 8 replies
  • 0 Likes

ESXi Bootstrap Cant find init-cfg.txt

I'm testing out bootstrapping VM-Series firewall in ESXi. I've followed the documentation in relation to the bootstrap package etc. But for some reason when the firewall boots with the ISO I've created attached it complains that it cant find the init-cfg.txt file. See below error I see in the console on boot.btsErrorConfig: No init-cfg.txt file ...

IPsec tunnel connectivity issues

Hi, I have an IPsec Tunnel between 2 PA's and the status of tunnel and iKE shows red but the interface is green. Please advice on the troubleshooting steps.

Akhil_B by L2 Linker
  • 4549 Views
  • 3 replies
  • 0 Likes

Resolved! IPSec VPN phase2 partial up

hello everyone I have a IPSec tunnel with Cisco ASA, and the proxy-id config is:entry1: local 1.1.1.1 remote 2.2.2.2entry2: local 1.1.1.1 remote 2.2.2.3 The very annoying things the phase2 is partial UP, when "show vpn flow", either entry1 is active and entry2 is inactive OR entry2 is active or entry1 is inactive. Is this due to the incorrect co...

DongQu_0-1619102922750.png
DongQu by L2 Linker
  • 7199 Views
  • 6 replies
  • 0 Likes
  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels