General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 357 Views
  • 0 replies
  • 2 Likes

session disconnect during A-P failover

Hi,

 

Can anyone suggest, if we failover from Active to Passive unit on PA firewall. will this maintains the established sessions by default. 

 

Or we have to additionally enable some other setting to make this enable (should maintain session during clus

...

Jimmy20 by L2 Linker
  • 3344 Views
  • 2 replies
  • 0 Likes

LSVPN - Contingency

Hi guys,

    I have one snario that have some satellites connecting each with Global Protect Portal (Large Scale VPN) and I need implement contingency. I was trying to create other portal, other gateway , PBF in the satellites to control default route

...

Password protected internal site

Hi everyone,

 

I'm trying to migrate a rule of an ancient firewall (Microsoft ISA server) that was "publishing" an internal resource using regular HTTP - just a web page - but protected by an RSA SecurID login page. The ISA / RSA implementation was jus

...

Rievax by L2 Linker
  • 2773 Views
  • 4 replies
  • 0 Likes

Resolved! Only 0.0.0.0/32 Obtained from MindMeld Query

I have been using MeldMeld for several months in a lab environment with great success. Recently I setup a new server for our production firewalls but I have encountered a problem that I have not been able to solve.

I can query MindMeld using a regula

...

jnye by L1 Bithead
  • 10010 Views
  • 6 replies
  • 0 Likes

Resolved! Microsoft CERTSRV

Why does this have to be so difficult? 

 

I want to create a cert on the palo.  

Device > Certificate Management > Certificates > Generate

Highlight Generated Certificate > Export Certificate > Open with Notepad

Copy contents

Go to my Microsoft CERTSRV > R

...

Resolved! test security-policy-match command giving me odd output?

I was trying to work out which security policy applied to traffic through my Palo Alto from 10.77.22.10 (in the trust zone) to 10.99.0.1

Firstly, I wanted to confirm what zone 10.99.0.1 was in using this page : https://alwaysnetworks.co.uk/identifying

...

Resolved! Polling JSON Format for AKAMAI

I am trying to create a prototype for a Miner that pulls IP's from a JSON formatted file. I have looked at the documentation for setting up a JSON miner (https://live.paloaltonetworks.com/t5/MineMeld-Articles/Using-MineMeld-to-extract-indicators-from

...

Resolved! Migration without Expedition

Hello

If I wanted to migrate from Checkpoint to Palo with Panorama, but not use Expedition, what would be the general steps?

 

Thank you for your time.

Configure HA1/HA2 command line

Need to configure the following in CLI:

Control Link (HA1)

Port ha1-a

 

Control Link (HA1 Backup)
Port ha1-b
 
Data Link (HA2)
Port ethernet1/1
 
Data Link (HA2 Backup)
Port ethernet1/2
 
Any insight would be appreciated.

PA-5250 Power Supply Question

Do the power supplies within the PA-5250 load share? This is probably a real simple question but I have not found an answer within the documentation yet?

 

Thanks!

B_Turner by L0 Member
  • 2345 Views
  • 1 replies
  • 0 Likes

Resolved! import device state order

Hi,

I've done this successfully in the past, but cannot remember the proper order.   I have a PA-200 that I want to replace with a PA-220.  The PA-220 is in Panorama, its a device group + template.

 

Should I

1) configure the PA-220 with basic ip connect

...

ce1028 by L4 Transporter
  • 15168 Views
  • 12 replies
  • 0 Likes

PAN-DB URL Version Remains 0000.00.00.000

The firewall is running 9.1.4 (5250).  The mgmt interface does not have general internet access so service routes have been configured for the following to use the external interface (internet connected):

 

DNS

EDL

NTP

Palo Alto Networks Services

URL Updat

...

jlieberman_0-1600970729070.png
  • 23676 Posts
  • 108 Subscriptions
Labels