General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

LIVEcommunity System Update - Delayed

UPDATE 11/8/23 11:43 a.m. EST:

LIVEcommunity’s System Update will be delayed. This means your use of LIVEcommunity will not be impacted this week (11/8-9), and you can proceed with business as usual.

 

Thank you again for your patience and stay tuned

...

jforsythe by Community Team Member
  • 281 Views
  • 0 replies
  • 0 Likes

New Area for Engineering Blogs on LIVEcommunity!

We are excited to announce a new Engineering Blogs section on LIVEcommunity, exclusively curated by Palo Alto Networks engineers!

 

This dedicated area will be home to technical posts about Palo Alto Networks innovations to build scalable and reliabl

...

jennaqualls by Community Team Member
  • 532 Views
  • 0 replies
  • 1 Likes

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

JayGolf_0-1691518400714.jpeg
JayGolf by Community Team Member
  • 1820 Views
  • 2 replies
  • 10 Likes

ACC tab "Applications using Non Standard Ports"

Hi PA Live Community,

 

Still a newbie to the whole PA world but slowly getting there.

When looking at the ACC tab of the GUI I can see there are entries for  "Applications using Non Standard Ports" and also  "Rules allowing Applications on Non Standard

...

Rule Screenshot.JPG
ACC Screenshot.JPG

Testing non-http mfa feature with GP

Hi there.

 

Documentation is rather slim here. I've set ut MFA for web site access, and it works. When testing it for non-http, accessing a SSH server, it kills the SSH connects, but no 2FA challenge on my GP. 

 

What am I doing wrong? What's needed?

 

I'v

...

gtomte by L3 Networker
  • 9913 Views
  • 11 replies
  • 0 Likes

Resolved! HA1 Backup Down - PA220 9.0.4

Hi All,

I have followed the PA design for creating an HA Active/Passive pair of PA220s.

 

I see however that HA1 Backup is showing red/down.

 

Attached are the relevant sections and a High Level Topology of the HA setup.

 

Any advice?

If I reboot the active

...

HA Screen 2.JPG
HA Screen 1.JPG
HA Screen.JPG
PA Topology.JPG

Resolved! SSL Decryption URL and App Filter

Hello everyone,

I have to block some URLs and applications as per our company policies. Since we dont have a general rule from the inside zone to the outside (Internet), we are very restrictive in our access to the internet, and since there are some w

...

joseglez by L1 Bithead
  • 3153 Views
  • 2 replies
  • 0 Likes

SD-WAN policy name not showing for ping application

In our demo SD-WAN setup we have a couple of SD-WAN rules for ping traffic and also a catch-all rule for all unmatched traffic. For most of the tested applications everything is fine. But for ping (and traceroute) the SD-WAN policy name field in traf

...

santonic by L6 Presenter
  • 2000 Views
  • 0 replies
  • 1 Likes

Resolved! Outbound RDP access

I just heard one of my coworkers saying we need to block outbound access to RDP, I didn't have chance to follow up with him what him because of COVID-19.  I am trying to to understand what would be the reason, is that a best practice possibly?

 

 

Amin2 by L1 Bithead
  • 4183 Views
  • 4 replies
  • 0 Likes

FIPS 140 and CC enabling?

Couple of questions on FIPS.

 

  1. When you enable FIPS140 on a Palo it wipes the device. Can you just reload your last saved?
  2. Can a FIPS140 enabled device talk to a non-FIPS device over an ipsec tunnel provided the cyphers are compatible?
  3. FIPS disables PAP.
...

HA for 3250 FW throught VXLAN

Hi everyone!

I have an interesting case. My topology is:

PA 3250 HA1------> Nexus 9000---------------VXLAN Overlay-------------------- Nexus 9000--------> PA 3250 HA1

                               vlan 2201                                             

...

Rdp windows

Hi,

is it a good idea giving access to public windowd  rdp ?.

Folks says do not publish outside 

Any good reason for this ?

Thanks

 

simsim by L4 Transporter
  • 5954 Views
  • 11 replies
  • 0 Likes
Top Liked Authors