General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Support Portal display name is incorrect

Hi All, I have a little concern such that in the support portal, when I tried to create a support ticket, my name is shown as the first part of my email. Even I updated the display name section, still it shows as earlier. Is it possible to reoslve this issue?

Udana by L1 Bithead
  • 3498 Views
  • 3 replies
  • 0 Likes

Resolved! Two GP portals with two different certificates

Hi,Was wondering if any one has run two server certificates for two GP portals having two different URLs? In theory it shouldnt matter, and the server will be presenting whatever portal the user selects. The gateways will be different and will also be using the same cert profiles as per their respective portals. Anything i need to watch out for?

SNI for GlobalProtect

Hi, is there a way for globalprotect to only listen to a specific URL and forward all other FQDNs?I already have webservers behind the palo listening to specific SNIs and would like to keep it this way.

CLIq by L3 Networker
  • 6639 Views
  • 3 replies
  • 0 Likes

OSPF Adjacency Issues

We've got a Cisco 7301 routers that forms OSPF adjacencies with an HA pair of 5020 firewalls. Recently I swapped this router out with a different router with the same IPs but different configs to test a new WAN connection. OSPF forms up just fine with the new router. After testing concluded and swapping back to the old router OSPF freaks out....

aglej by Not applicable
  • 25485 Views
  • 14 replies
  • 0 Likes

Unable to see Current connection output of DOS Statistics.

Bellow are the output. PA-FW1 vsys4(active)> show dos-protection rule internet statisticsRule: VDI-to-internet, idx: 0, id: 2Classified profile: DOS-ClassifiedClassification Criteria: destination-onlyAction: protectLog Forwarding profile: defaultClassified profile: DOS-Classified----------------------------------------------------------------...

Resolved! DNS Proxy listen to broadcast?

Hello!I have a cisco wlan accesspoint (at remote site), which lost connection to central wlan-controller. Due to a mistake this ap still has static ip-address, so it does not send DHCP-discover/requests when it is started. But it sends DNS-requests searching for "cisco-capwap-controller". So I thought it might help to configure a DNS-proxy on th...

ChrisCon by L2 Linker
  • 6312 Views
  • 7 replies
  • 0 Likes

show log traffic equal api or cli (ssh and scp or api)

Hii am looking and recover on a machine1 example: "show log traffic log (ip source destination port ect ..)Machine1---> scp admin@palo ---->show log traffic direction equal etc ... export .. or https://palo/api/?type=op&cmd=<show><log traffic direction equal...> etc.. it's possiblethank you

axelfa by L2 Linker
  • 3458 Views
  • 2 replies
  • 0 Likes

Resolved! Help understanding application dependency tree

Hello all! I am trying to find more information about the attached image - specifically when selecting an application in the process of creating a security policy, some applications appear to have dependency trees (shown) In this example of SNMP, SNMP is shown with several apps that appear to fall under it-snmp-base-snmp v1 v2 and v3Does this ...

Resolved! PAN 3220 10Gbps SFP compatibility?

Is it possible to use 10Gbps MM optics transceivers or copper in the PAN 3220?I want to get 2Gbps to my edge and wondering if there's an option other thanbonding two 1Gbps ports. Thank you.

DHCP stuck at offer

Hi Team, I have configured DHCP server on PA.It is working fine.I check GUI and CLI it shows one IP is sitting at offer show dhcp server lease interface ethernet1/12interface: "ethernet1/12" id: 75Allocated IPs: 4, Total number of IPs in pool: 155. 2.6% usedip mac hostname state duration lease_time192.168.200.100 98:18:88:77:e9:d7 committed 60...

Resolved! SCCM app deploy issue

I am working on testing improvements to our rule sets by breaking the rules into app groups as opposed to just allow all.Pretty much everything is working fine except for OSD deployment via SCCM. In particular the O365 click to run installer. The deployment process runs fine up to the point of installing office where it hangs for a very long tim...

Jamesy by L2 Linker
  • 5548 Views
  • 2 replies
  • 0 Likes

Palo Alto and CIsco Jabber isssues with Global Protect

Hi, We are having issues with cisco jabber using Global Protect.Clients reported that the jabber status (online/offline) is wrong so they have issue calling. The rule VPN-SSL zone to inside is any/any, so no restriction. Looking in pcap we can not see any drop.I have no evidence in the FW but the common point is the Palo with VPN GP.Have you rep...

BigPalo by L4 Transporter
  • 3510 Views
  • 1 replies
  • 0 Likes

Some users do not appear in the url filtering monitor logs.

Hello community I have a PA-220 firewall with version 8.1.16, the error that is occurring is as follows I have several users in a policy which has url filtering, some users are not shown in the logs of url filtering. When I filter users that are in the url filtering policy, some of them show up in the logs and others do not show anything even th...

URL_filtering.png
  • 24400 Posts
  • 123 Subscriptions
Top Solution Authors
Labels