General Topics

Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 591 Views
  • 0 replies
  • 0 Likes

Resolved! NTP SYNCHED - Wrong Time system

Hello 

I have a PA 7050 Pan OS 8.0.16

I have configured ntp server correctly and it show synched status  and i configured correct time zone AMERICA/SAO PAULO too

But the system show wrong time with +1 hour  , similar to summer time  or day light

Now a da

...

GlobalProtect Data File could not able to download

The GlobalProtect data file, located on the Device tab > Dynamic Updates contains the OPSWAT file. We could not able to download it. 

We have scheduled download but still it is not working and other content update is working fine.

 

Please find below lo

...

bit_byte by L2 Linker
  • 3242 Views
  • 2 replies
  • 0 Likes

Application Aged out

Hey guys can anyone provide  a little insight  I set up action to allow an outbound rule for a group  but I am getting an error of an "aged-out"  and its coming from port 443. Any suggestions would be greatly appreciated 

Which drivers are used in terminal service agent.

Hi,

 

What are the drivers are used in terminal service agent?

 

Following are the debug log and found error for drivers.

 

06/23/20 17:07:37[Info 331]: ------------Service is being started------------
06/23/20 17:07:37[Info 406]: Load debug log level Info

...

Resolved! WAN interface Multiple IP addresses or sub interfaces?

Hi - Looking for best practices advice on WAN interface. Currently the WAN interface has a /26 with multiple IP addresses for incoming web servers translated to different subnets behind the PAN.  Is there a default proxy arp working and is this the b

...

stoff by L0 Member
  • 6793 Views
  • 3 replies
  • 0 Likes

Resolved! policy is clear yet traffic is still DENIED

hi all, we have a policy that clearly states FROM and TO objects and SMB_override (custom app, I presume, created earlier) as the application. The service is configured as Application-default. As per Monitor, it goes straight through to the deny rule

...

igs1917 by L1 Bithead
  • 5937 Views
  • 5 replies
  • 0 Likes

Resolved! PA sending TCP RST for a NAT rule

Hi everybody,


Adding a bidirectionnal NAT rule for an ssl web server and the according security rule, connections from outside are dropped as "Incomplete". Traffic capture show that first SYN packet received is directly rejected by PA with a RST respo

...

Want to Uninstall .bat file Terminal Server Agent.

Hi,

 

While installing the VM the terminal server agent was installed through the .bat file.

Now our requirement has changed, I don't know how to uninstall the terminal server through the .bat file.

While Install the Terminal server agent this error is c

...

NAC VLAN Redirection failing

We are trying to implement a NAC solution. The basics are that the NAC is connected to the switch stack and upon sensing a device connecting, it checks it for authentication against the NAC and if it fail it quarantines it into a specific VLAN. That

...

Nonaxium by L1 Bithead
  • 4704 Views
  • 6 replies
  • 0 Likes

Certificate chain not correctly formed

Hello,

 

I am getting the warning below after importing a certificate. Is there a link/KB I can check to fix this?

 

Warning: certificate chain not correctly formed in certificate dc1pa.abcd.com.au

 

Thanks in advance!

Farzana by L4 Transporter
  • 9076 Views
  • 5 replies
  • 1 Likes

IKE Certificate Authentication Peer ID

Hi,

 

Im trying to setup a VPN connection using certificate based authentication. When Phase 1 tries to establish I'm getting the following error

 

Peer's ID payload ' IPv4_address:xxx.xxx.xxx.xxx' does not match certificate ID, Error: failed to get subj...

  • 23927 Posts
  • 113 Subscriptions
Top Liked Authors
Labels