General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! About DIPP Translated Address type (SNAT)

Hello, 

 

I have a question related to the DIPP translation. I understand de DIPP Interface. Many IP addresses can use the same IP. But I need to translate internal IP addresses to one specific IP different from the Outside Interface. If I use the DIPP

...

iscott_0-1593190978310.png
iscott by L2 Linker
  • 2721 Views
  • 3 replies
  • 0 Likes

Resolved! GlobalProtect Client issues on MacOS Catalina

I'm trying to configure GP Client on a MacOS Catalina (10.15.3) to connect via VPN using PKI certificates. I'm using GP version 5.1.1 (also I've tried with 5.0.6). The problem is that it does not prompt me to select my client certificate and eventual

...

ajrneo by L0 Member
  • 14601 Views
  • 3 replies
  • 0 Likes

8.0.2 Management SLOW, SLOW, SLOW on PA500

Has anyone else noticed that the management functions through the web interface are incredibly slow with 8.0.2?  Committing even a simple change brought these timings:

- 1:10 just to get the progress bar beyond zero

- 3:42 to complete the commit.

 

Seems

...

Migration from Palo Alto Multivsys to single Vsys

Hi Team,

Is there a we can migrate a PA 5050 multivsys configuration from one appliance and migrate it to two different 3220 appliances. Where Each Vsys from single PA 5050 goes to different 3220 appliance. For instance (Vsys1-PA 5050) should converte

...

Migration from 5060 to 5260

Hi Team, 

 

Currently working on a PA migration 5060 to 5260. I tried to import the config in to the expedition tool, which  is exported from PA-5060 appliance. I found the below error on expedition.

I also tried to import it after converting to zip fil

...

SureshBalaji_0-1588058641095.png
SureshBalaji_1-1588058908486.png

Resolved! Equal Cost Multiple Path (ECMP) - Limit 4 (PA-5220)

Hi All,

 

I need your inputs here. I have a client using ECMP (4 Links.) and they recently procured another ISP making it 5. Based on the documentation of Palo Alto Networks, the max ECMP is 4. Is there any other work around to make ECMP 5 or utilize t

...

Resolved! SSL inbound inspection cert

Might be silly question, For inbound inspection does the cert has to be a CA.

We use a wildcart so that will have to imported as CA, correct?

raji_toor by L4 Transporter
  • 7207 Views
  • 11 replies
  • 0 Likes

Resolved! Panorama IP Variable set to none/null possible?

I'm pretty sure this isn't supported and I haven't been able to get this to work.  I am attempting to use a single network interface template for multiple sites.  Some use 30 sub-interfaces and some may only use 3.  I want to push every sub-interface

...

Palo alto splunk syslog view

 
 

Hi Community,

 

While exporting syslog from palo alto splunk in default format, what is the default format for config logs.

 

Where I can see the default format. Next to hostname what is that value "1" where it comes from?

 

output.jpg

SSL Inbound // decrypt-unsuppot-pram

What can i do here..Is it something we have to fix on server side or firewall.

 

Not Working, Block sessions with unsupported cipher suites, Selected.

Protocols allowed min SSL3.0 to MAX

 

 

Working, with Block sessions with unsupported cipher suites, Un-s

...

raji_toor_1-1593023342068.png
raji_toor_0-1593023022338.png
raji_toor by L4 Transporter
  • 2281 Views
  • 3 replies
  • 0 Likes

Session Keep Alive packet size

 Good Afternoon Community!

 

I believe there is a minimum packet size for an application keep-alive packet for Palo Alto to register a session match. I am just having a hard time finding that documentation.

 

Does anyone know and could share or am I mist

...

  • 24293 Posts
  • 99 Subscriptions
Top Solution Authors
Top Liked Authors
Labels