This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Resolved! GlobalProtect BSOD Windows 8.1

Installed the latest round of Windows (and driver) updates. 1-3 seconds after GlobalProtect connects, I get a BSOD and reboot. I've read through various memory dumps and it's always one of two issues. pangps.exe - IRQL_NOT_LESS_OR_EQUAL (a)An attempt was made to access a pageable (or completely invalid) address at aninterrupt request level (IRQ...

IPSec tunnel between PA-220 and VM300 in Azure

Trying to build a IPSec tunnel between a lab PA220 and a VM300 we have in operation in an Azure environment. I think I've got all the necessary ingredients covered, and I've checked all the "How To" docs I can find, but still no luck. Are there any gotchas related to this kind of setup that I should know about as I proceed? Any advice would be...

GlobalProtect 2FA

Hi, PaloAlto VM-100 8.0.13 I've been trying to add 2FA to our GlobalProtect Gateway. I've followed the instructions described here: https://www.paloaltonetworks.com/documentation/80/globalprotect/globalprotect-admin-guide/authentication/set-up-two-factor-authentication/enable-two-factor-authentication-using-one-time-passwords-otps Probably I've ...

Static IP for GP User

hey, i have a requirement from a customer for some users to always have the same ip when they connect to the VPN for example if the IP Pool for the GP clients is: 192.168.x.110 where x will be 10-15 depends on which GP GW you are connected to. i have managed to configure using specific client settings for example for user A ip pool is 192.168.10...

minow by L4 Transporter
  • 12920 Views
  • 7 replies
  • 0 Likes

Slow SMB Transfer (and everything else slow) over Global Protect VPN

Hi community Do you also have issues with low transferrates over globalprotect VPN? And maybe already have a solution for this? I tested the following setupClient connected with GBit LAN to the internal network without VPNClient connected with Gbit LAN to the GP gatewayClient connected to the internal network with MTU set to 1400 (like with GP) ...

Remo by L7 Applicator
  • 12872 Views
  • 3 replies
  • 0 Likes

Multiple global protect portals and gateway

Hello, we have 2 palo 850 with 2 isp:primary 1.1.1.1/28 backup 2.2.2.2/28most of the zones navigate with the primary and few with the backupWe have a failover to the backup in case the primary isp goes down.We have globalprotect portal and gateway with a loopback interface all on the primary (1.1.1.5/32) vpn.domain.itThis days we are all smart...

Matteo by L1 Bithead
  • 11150 Views
  • 3 replies
  • 1 Likes

Impact to active sessions when we change a firewall NAT policy

We are going to change a source and destination NAT policy. Assuming the related security policies are in place for both the before and after change connections, are we going to see impacts to those sessions that have been active before the NAT change? For example, the NAT is to change connection source and destination from (10.1.1.1 to 10.11.1...

skuo2020 by L1 Bithead
  • 3718 Views
  • 2 replies
  • 0 Likes

Why traffic log shows that traffic match allow policy but the result was reset by default deny policy?

Does anyone have following experience and could give me some idea to fix this issue? Thanks a lot ~ I found sometimes the traffic log shows that traffic match allow policy but the result was reset by default deny policy. For example: I have a policy for allow some users to access TCP 58975.I checked traffic log and I found traffic be reset by in...

圖片1.png
圖片2.png
圖片3.png
neilwu by L2 Linker
  • 2751 Views
  • 1 replies
  • 0 Likes

Unable to access the https://panwdbl.appspot.com

Hi All, Today we have a PA Firewall and MineMeld unable to access the https://panwdbl.appspot.com is this down or decommissioned. Tried going to this URL and I get a 404 error? Has this page moved and I missed a notification, down for good or just an outage? Obviously impacts some of the EDL. Regards James Chim

http://panwdbl.appspot.com - Not Working

Do you make use of the EDLs available here? If you do you may have noticed they've disappeared, Google says the page doesn't exist. You may want to look for alternatives if you're using these lists. Jason

ethiSEC by L2 Linker
  • 6514 Views
  • 3 replies
  • 2 Likes

PBF for Guest Network

Hello, I'm trying to route all GUEST traffic on a PA firewall to ISP-2. I understand you can use PBF on the PA firewall to route based on source address. I don't have a lot of experience with PBF and have encountered a few issues when trying to implement this. Some questions I have1). Do I need a 2nd VR to do this? 2). Do I need 2 new security ...

jocisneros_coe_1-1614805195327.png

Resolved! Application dependency Warning

Hello, We implemented the blocking policy for the custom URL categories however now once committed we receive commit warning like the following: Application 'dropbox-base' requires 'web-browsing' be allowed, but 'web-browsing' is denied in Rule 'outbound-advertisement-block'Application 'google-drive-web' requires 'google-base' be allowed, but 'g...

Farzana by L4 Transporter
  • 8629 Views
  • 6 replies
  • 0 Likes

BGP show Local RIB before Import filters

Hello, After applying Import filters in BGP the Local RIB is reduced to a filtered set of routes advertised by peers. However it seems to be impossible to see what the original set of advertised routes is. The peers are still advertising these routes, but there seem to be no methods in the GUI or CLI (show routing, debug routing ...) to see thos...

  • 24381 Posts
  • 123 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks