General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! GlobalProtect Max tunnel count ?

HiI'm doing a global protection test.And we created the External Gateway and the Internal Gateway.And for the Internal Gateway, we didn't set up the Tunnel.If so, wouldn't it count to the Globalprotect Max tunnel provided by the equipment?In case of External Gateway, I think it will be applied to the count because it uses Tunnel.However, I don't...

Several subnetworks through the tunnel between Palo Alto and Mikrotik

Site 2 site allows only two networks to be pulled inside the tunnel (one of them behind the mikrotik and the other one behind the palo alto).I’ve tried different settings and it doesn't help.Has anyone had experience building a tunnel between them based on GRE tunnel over IPsec?Several subnetworks need to be passed through the tunnel.

melnikov by L1 Bithead
  • 8173 Views
  • 7 replies
  • 0 Likes

Error while checking Dynamic Updates on Panorama 10.0.1

Hi, Panorama can reach out internet but when checking the updates we are getting a message says "Error while trying to read upgrade info. Please try again later". I did follow https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClkuCAC , and it seems everything is fine on panorama. Is there anything else I need to verify? ...

Ludolfo by L1 Bithead
  • 3402 Views
  • 1 replies
  • 0 Likes

Use URL filtering and Regional blocks

We block Regions at the moment, so traffic going to Russian IPs are dropped. But lets say that I now need to allow a specific URL to be allowed to Russia. If I make a rule above our block rule that has a custom URL category associated with it and define HTTPS as the service. Will that now force layer 7 inspection on all of that traffic? Or was i...

Resolved! Can't find user for security policy rule

Having a bit of an issue but can't seem to pinpoint the solution.. When I go to add a security policy rule, under user, i cannot find specific users. However, when I go to the traffic monitor tab, I can see the user mapping is working from the User-ID agent, since I can find those same users there. Not tied to a specific firewall as I'm not ...

MikeC by L3 Networker
  • 5547 Views
  • 4 replies
  • 0 Likes

Resolved! No serial no or Auth Code on VM

Hello All, I want to create support account to license my palo alto vm. But while registering it is asking for Device Serial no or Auth Code and Sales Order no or Customer ID, wheareas i dont have any of these. My PA VM does not show serial no. Snap attached . I downloaded authorization code from PA FW but that is uuid & cpuid. How can i cr...

SSL inbound inspection not working for SMTP

I'm running PANOS 10.0.2SSL inbound inspection for a web server is working but for a seperate SMTP server it is not.Both use the same certificate.Both use the same cipher suites.Two seperate decryption rules wihich are clones of each other, only the public destination IP-adress is different.Both use the same decryption profile.The SMTP server re...

Han.Valk by L2 Linker
  • 3419 Views
  • 1 replies
  • 0 Likes

HTTPS to HTTP Redirect

HI Team, Is it possible to redirect the traffic from HTTPS to HTTP. As my webserver is using HTTP. We outside user connect it's https://abc.com it's should be redirect to http://abc.com. Please advice

Panorama SSO with SAML and Microsoft ADFS

Hello Community, we were trying to connect Panorama 8.1.4 with SAML and as an IDP Microsoft ADFS on Microsoft Server 2012 R2. We tried a lot of configuration and followed the admin-guide, but were unable to get a working authentication.The auhtd.log on palo looks good (response success) but we get an error message on ADFS "Single Sign on Failed"...

Chacko42 by L4 Transporter
  • 4238 Views
  • 1 replies
  • 2 Likes

Resolved! LDAP Rights Query.

Hi Guys, To create the service account in AD, which is utilized on the device. we know that below rights are needed.- Distributed COM Users- Event Log Readers- Server Operators My query is why it necessary, what it's justification to be a part of this rights. In cisco asa it is not necessary that's why I am have this query. Thanks in advance

Unable to add pre-defined EDL IP list in security rule destination address on panorama

Hi Team Unable to see pre-defined EDL IP list in security rule destination zone on panorama. but In firewall I can able to see the predefined EDL in security rule destination address. antivirus, content version all are same and installed on both devices ( panorama and firewall ). Note: In panorama for other firewall I can able see and add the pr...

Resolved! Link down between Firewall and Syslog server

Hi all, I'm looking for any KB or official document that explain the log forwading behavior when link between FW and Syslog server is down. As I understood that PA firewall will not resend the the log at the moment of link between them is down to sylog server once the link is back.

Resolved! Share level Yellow

Hi @lmori and @xhoms In MM 0.9.46 we have the "libraesva" miners prototypes. All of them with share level Yellow. But we don't have an output prototype with this share level. I tried to create a new one from std.feedHCGreen, but it doesn't allow to change the share level to Yellow. What is the best way to create an output prototype with share le...

  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels