This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 264 Views
  • 0 replies
  • 1 Likes

Palo Alto Virtual Firewall

Dear Friend,

 

Can you anybody advice me on palo alto multi vsys capability issues and currently contests of this technology? If one virtual instance compromise how we can make sure it not impact to other vsys ? How multi vsys behaviour on privileged e

...

Resolved! PA-220 won’t get IP from ISP.

Hey, all. I have a PA-220 that I am trying to setup on my network. I connected it up and set up the layer 3 on it, then turned my router into an AP and lost all connectivity.

 

Currently I have it connected to my modem on ethernet1/1, and As it is a re

...

Filter out whatsapp video only from PA220

Hi, 

 

Is it possible to Filter out whatsapp video only from PA220, or of there is a workaround solution to allow only Text and Images on a PA220 
We have business need to use whatsapp text and Images only 

 

Thank you 

Resolved! Region-to-IP mappings

We have noticed wrong region mappings for ABC 3G public range that is detected on Palo Alto as Armenia country.

Please advise on how to update/fix the mappings dynamically through updates.

 

 

Although IP belongs to Iraq on public databases

Content update

...

Mohammed_Yasin_0-1594044009119.png
Public.jpg
GEO.jpg
Update.jpg

Resolved! ipsec question

Hi

 

So i have my public interface ae1.10

I attached a ikev2 interface to that and attach it to tunnel.50

 

no the other side of the ipsec tunnel are providing 192.168.10.0/24 and I am providing 192.168.250.0/24

 

do I have to place a static route in the v_

...

Resolved! HA config sync

Hi guys,

 

I wanna know the Comment column under Network---Interface tab synchronizes when PA is set up as Active- Passive HA?

I assumed it wont, and made some changes in comments coloumn and later found out it got synced.

 

I referred the PA document:

htt

...

Seeing these errors in my log pan_packet_diag.log

Hi

 

seems to be filling up my log file ?  I have no idea 

 

2020-07-04 12:09:26.595 +1000 Error: pan_cfg_url_policy_need_hdr_insrt_log(pan_cfg_url_policy.c:274): url_profile (nil), cfg available: 1
2020-07-04 12:09:26.595 +1000 Error: pan_cfg_url_policy_

...

Captive portal browser challenge issue

Hi team,

 

While trying to deploy Kerberos SSO for enduser authentication I came up to the following issue with the captive portal (browser challenge).

 

 

When an end user logged in a windows (part of the domain) tries to connect to "http://neverssl.com"

...

Capture.JPG
Capture.JPG

Resolved! OCSP Responder with Self-Signed Certificate

Following https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClIzCAK, I created an OCSP responded.  When creating the user certificates, for signed by I tried both the Root and Intermediate certificate.  I allowed HTTP_OCSP on

...

Capture.PNG

Resolved! GlobalProtect DNS issues in Windows after disconnect

I am using GlobalProtect 5.09 with PanOS 9.0.7.

 

While using dual monitors with a split-tunnel VPN, I find that when VPN disconnects dns resolution is still trying to use internal dns servers.  I am forced to reboot my desktop at home multiple times p

...

SSL decryption on PA incase the SSL termintated on WAF

We have a website hosted behind WAF and Firewall (Palo Alto). The WAF already has the server valid SSL Certificate from public CA. Do we need to install SSL certificate (decryption ) on PA Firewall also for inbound traffic to make it more secure ? 

msalhi by L0 Member
  • 3061 Views
  • 3 replies
  • 0 Likes
  • 23630 Posts
  • 107 Subscriptions
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks