General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! The SSL Certificate is showing unsecure in one device

I have installed an SSL certificate on my firewall it is working fine for all of our Palo Alto devices except one device as it is showing it is not secure.

I checked and I found that the device is still using the localhost generated certificate. I don

...

Resolved! User-ID: ip-user-mapping not working from LAN

Hi all,

 

I tried to configure the User identification for our LAN zones with PAN OS 7.1.3. I have the following Environment

 

Windows 2012 R2 Server

PA-500 with 7.1.3

 

I can see more than 200 users known by the firewall

 

admin@firewall(active)> show user u

...

Panorama - Remote PA52xx

I have not had much hands on with Palo Alto in particular Panorama but I would like to ask for some help -

We have Panorama at our central Data Center which is used to Configure our remote PA52xx's. 

 

If Panorama is used to apply policy to a firewall a

...

mcronin by L0 Member
  • 1708 Views
  • 1 replies
  • 0 Likes

PAN-OS 9.0 URL DB manual Download not available

Hi,

 

not sure if I to stupid to find it, but after upgrading to PAN-SO 9.0 there is no more option under Licenses URL DB to download the URL DB manually. 

 

In an Active/Passive Cluster the Active Firewall downloads the URL DB every few hours, but the p

...

holbem by L1 Bithead
  • 4481 Views
  • 3 replies
  • 0 Likes

Resolved! Untrust interface we have created Global protect gateway

we have separated GP portal and GP gateway interface.

Untrust interface we have created Global protect gateway and we allowed ping on the interface but when we are typing untrust interface IP address on our browser eg https://112.20.20.1 . We are gett

...

Sonu_Singh_0-1595145568421.png
bit_byte by L2 Linker
  • 4776 Views
  • 4 replies
  • 0 Likes

Resolved! exclude-access-route is an invalid ipv4/v6 address

Hi All,,

 

I'm getting this error, see attached, when trying to add new routes to Global Protect Split Tunnel config.

 

 

Only thing I can think of, we're running v9 on Panorama and v8 on the firewalls. do the firewalls not like the format when trying to

...

MicrosoftTeams-image.png

Why do unused rules show traffic hits?

I am doing cleanup of old unused firewall rules. Using the UNUSED policy optimizer I noticed that some rules are showing Traffic usage but 0 hits? Can someone explain why this is? I am wary to trust the HIT count until I understand the correlation. B

...

PeteHalatsis_0-1595009863372.png

Block Tor application traffic.

Hi

 

We are planning to block Tor application traffic in our PA device , so do we need to write security policy in both the direction  and also share the steps to block the traffic in Palo Alto device.

 

Thanks,

Yusuf

 

 

Yusuf_PA by L1 Bithead
  • 8033 Views
  • 10 replies
  • 0 Likes

radius authentication issue

After the device PA-500 is upgraded from 7.1 to 8.1.15, the radius authentication of the user name and password of the device fails, and we can only log in to the device through local authentication. After performing Radius-related configuration acco

...

Eccomtac by L0 Member
  • 3127 Views
  • 1 replies
  • 0 Likes
  • 24297 Posts
  • 99 Subscriptions
Top Solution Authors
Top Liked Authors
Labels