This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 448 Views
  • 0 replies
  • 2 Likes

Captive portal browser challenge issue

Hi team,

 

While trying to deploy Kerberos SSO for enduser authentication I came up to the following issue with the captive portal (browser challenge).

 

 

When an end user logged in a windows (part of the domain) tries to connect to "http://neverssl.com"

...

Capture.JPG
Capture.JPG

Resolved! OCSP Responder with Self-Signed Certificate

Following https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClIzCAK, I created an OCSP responded.  When creating the user certificates, for signed by I tried both the Root and Intermediate certificate.  I allowed HTTP_OCSP on

...

Capture.PNG

Resolved! GlobalProtect DNS issues in Windows after disconnect

I am using GlobalProtect 5.09 with PanOS 9.0.7.

 

While using dual monitors with a split-tunnel VPN, I find that when VPN disconnects dns resolution is still trying to use internal dns servers.  I am forced to reboot my desktop at home multiple times p

...

SSL decryption on PA incase the SSL termintated on WAF

We have a website hosted behind WAF and Firewall (Palo Alto). The WAF already has the server valid SSL Certificate from public CA. Do we need to install SSL certificate (decryption ) on PA Firewall also for inbound traffic to make it more secure ? 

msalhi by L0 Member
  • 3091 Views
  • 3 replies
  • 0 Likes

Resolved! PA 7k LACP over Multiple NPC

Hi,

 

I'm curious to know if it is possible to configure an AE Group of interfaces in a PA 7000 series appliances with interfaces accross multiple NPC's?

 

This just seems to me to be the most logical way to load share on the platform with multiple NPC's

...

Custom Application Signature

Hello

For the same application, I have several links and ports (https://application.intra.mydomin.corp:8530/toto, https://application.intra.mydomin.corp:8130/titi, https://application.mydomin.corp:8530/toto,..) and I would like to create a rule and sp

...

public ip addresses and link address /30

Hi, 


I have a question regarding public interface configuration. ISP gave me /30 link network address space and /28 public IP address pool. Can you suggest me best way to configure this public address on PA. Should I use virtual wire, loopback interfa

...

patux80 by L0 Member
  • 2917 Views
  • 1 replies
  • 0 Likes

Authentication Bypass in SAML Authentication.

Dear Support Team,
 
Please do us favour to update Security appliance Palo Alto with latest signature which help to prevent from latest vulnerability Authentication Bypass in SAML Authentication.
 
Patch requirement for CVE-2020-2021 PAN-OS: Authenticati
...

Incomplete ARP when deployed in Azure

Hello,

 

I deployed NGFW 8.1 using Terraform (v0.11.36) in Azure. It provisions VM and all the resources like resource group, VNet, subnet, IP's etc., But the only problem is with the UnTrust(eth1/1) NIC as it complains 'Incomplete ARP even after confi

...

Resolved! BGP AS-Path prepend issue

Hi All,

 

I have raised a TAC case regarding this but wanted to see if anyone had had a similar issue with a known fix?

 

We have a pair of Palo Alto's with PANOS 8.1.10 running in active-active configuration. Routing is configured using BGP. The active-

...

a.jones by L3 Networker
  • 4548 Views
  • 1 replies
  • 0 Likes

EDL not fetching data but is reachable....

Hi Team,

 

We have PA VM 300 on AWS cloud. We have configured EDL. It is reachable from Management IP all ports are allowed but EDL is not able to fetch data .

For information OS version is 9.0.3.

 

Please suggest.

 

Thank You in advance!!

user-id agent sending IP mapping with blank/no username

Dear community,

 

I have an environment where I monitor the AD servers with Windows user-ID agents to retrieve the user-ip mappings

 

There are users with several AD accounts and it´s normal seeing the same IP being mapped to different usernames deppendi

...

Carracido by L3 Networker
  • 3084 Views
  • 1 replies
  • 0 Likes

Resolved! after upgrading to PAN-OS 9.0.x issue with CP

Recently configured the captive portal on the firewall but this feature does not seem to be functional despite the fact the configuration is correct. Note that the portal was working PAN-OS 8.1.3 but after upgrading to PAN-OS 9.0.9 it stopped.

 

Note a

...

  • 23703 Posts
  • 110 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks