General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 331 Views
  • 0 replies
  • 2 Likes

How to check VPN counters for a specifc dest IP?

how to check IPSEC VPN counters in CLI for a specific destination IP address?

Peer is claiming the traffic is leaving their firewall but I don't see it on my pcaps and logs. How do I verify the traffic is actually passing through the VPN and hitting t

...

Resolved! Panorama

Just need to know is there a max size for a Panorama log file and if so what is that size, currently we are at 1.6TB and want to make sure we are not over the limit and into possible file corruption scenario

dttech by L1 Bithead
  • 2269 Views
  • 2 replies
  • 0 Likes

Hyper-V Compatibility issues

Hey,

I'm running a 3 Node S2D on Server 2019.

Currently migrating from VMware Hypervisors which has the Palo Alto running on it, instead of doing a Migration\Conversion i want to build a new server.  

 

I'm trying to setup a Palo Alto VM-300 Series Virtu

...

System alerts

Hello Team,

I am getting system alerts in my firewall below is the error:-

PAN OS - 9.0.6

Disabled applications in vsys1: cip-ethernet-ip-disable-io cip-ethernet-ip-disable-sfc cip-ethernet-ip-enable-io cip-ethernet-ip-enable-sfc cip-ethernet-ip-read-mo
...

Resolved! Global protect static IP

Hello Team,

 

Is there any way to configure static IP for VPN(Global Protect) users.

 

Example:-

I have an IP pool - 192.168.1.0/24

User A, UserB, User C

Authentication profile is (Active directory)

When user A will connect through the external gateway for t

...

Resolved! PA-5020 to 5220

we are planning to upgrade ur existing PA-5020 to bigger boxes. our current 5020s are struggling to handle the ssl decryption and it sometimes give ''Dataplane CPU under severe load'' logs on busy days. I heard 5200 series are specfically designed fo

...

Inbound SSL decryption - Digicert

If inbound SSL inspection when using Digicert certificate is not supported, what is the alternative. We have many web-servers using same wildcard cert used for GlobalProtect and wanted use this same certificate but it doesn't work. Is there any other

...

raji_toor by L4 Transporter
  • 9496 Views
  • 15 replies
  • 0 Likes

Resolved! 40031 Threat Exception

What I am wanting to know is if I can add a range of IP addresses to a vulnerability exception.

This would be the entire 1-254 range, rather than 1 IP address at a time.

 

I have already checked the links below and they talk about adding IP addresses on

...

Email Link Analysis - does it look at all emails?

I am curious to know if the organization I work at gets a blast email to 500 employee's from an external B2B marketer does the wildfire analysis get performed on all 500 identical emails or does it simply do it once knowing the email and links are id

...

Resolved! Palo Alto lab in VMware Workstation

Hi guys,

I need some help with configuring network in VMware Workstation and Palo Alto. I tried to build VMware lab using both Udemy and CBT Nuggets video courses:


The problem is that I can't have my Palo Alto to have an access to the Internet. It does

...

4kusnik by L1 Bithead
  • 19248 Views
  • 14 replies
  • 0 Likes

Panorama: cannot use in templates objects from DG

Dear Community,

 

I have a Panorama with several firewalls in a device group under the share one.

I have several templates and I cannot select any shared object from DG into any part of template configuration, for example adding an address object as an

...

Carracido by L3 Networker
  • 2210 Views
  • 1 replies
  • 0 Likes

Pre-logon for specific user only

My requirement is that some user should use Pre-logon and other should use User-logon. Currently all users are using only user-logon mode.  

Is it possible to use both mode in global protect, because we have to call client certificate profile on globa

...

gp1.png
  • 23670 Posts
  • 108 Subscriptions
Top Liked Authors
Labels