General Topics

Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 195 Views
  • 0 replies
  • 0 Likes

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 878 Views
  • 0 replies
  • 0 Likes

Panorama - Remote PA52xx

I have not had much hands on with Palo Alto in particular Panorama but I would like to ask for some help -

We have Panorama at our central Data Center which is used to Configure our remote PA52xx's. 

 

If Panorama is used to apply policy to a firewall a

...

mcronin by L0 Member
  • 1950 Views
  • 1 replies
  • 0 Likes

PAN-OS 9.0 URL DB manual Download not available

Hi,

 

not sure if I to stupid to find it, but after upgrading to PAN-SO 9.0 there is no more option under Licenses URL DB to download the URL DB manually. 

 

In an Active/Passive Cluster the Active Firewall downloads the URL DB every few hours, but the p

...

holbem by L1 Bithead
  • 5286 Views
  • 3 replies
  • 0 Likes

Resolved! Untrust interface we have created Global protect gateway

we have separated GP portal and GP gateway interface.

Untrust interface we have created Global protect gateway and we allowed ping on the interface but when we are typing untrust interface IP address on our browser eg https://112.20.20.1 . We are gett

...

Sonu_Singh_0-1595145568421.png
bit_byte by L2 Linker
  • 5404 Views
  • 4 replies
  • 0 Likes

Resolved! exclude-access-route is an invalid ipv4/v6 address

Hi All,,

 

I'm getting this error, see attached, when trying to add new routes to Global Protect Split Tunnel config.

 

 

Only thing I can think of, we're running v9 on Panorama and v8 on the firewalls. do the firewalls not like the format when trying to

...

MicrosoftTeams-image.png

Why do unused rules show traffic hits?

I am doing cleanup of old unused firewall rules. Using the UNUSED policy optimizer I noticed that some rules are showing Traffic usage but 0 hits? Can someone explain why this is? I am wary to trust the HIT count until I understand the correlation. B

...

PeteHalatsis_0-1595009863372.png

Block Tor application traffic.

Hi

 

We are planning to block Tor application traffic in our PA device , so do we need to write security policy in both the direction  and also share the steps to block the traffic in Palo Alto device.

 

Thanks,

Yusuf

 

 

Yusuf_PA by L1 Bithead
  • 9954 Views
  • 10 replies
  • 0 Likes

radius authentication issue

After the device PA-500 is upgraded from 7.1 to 8.1.15, the radius authentication of the user name and password of the device fails, and we can only log in to the device through local authentication. After performing Radius-related configuration acco

...

Eccomtac by L0 Member
  • 3725 Views
  • 1 replies
  • 0 Likes

PAN-OS 8.0.15 issues X SNMP

We updated the 2 pair of Firewalls on last sunday to 8.0.15 and after that our CACTI stop to show the interfaces statistics from PA-5020.
Cacti is monitoring the updated PA-3020 correctly.  The issue only happen with PA-5020.


Did anyone experience some

...

mmcastr by L1 Bithead
  • 2063 Views
  • 1 replies
  • 0 Likes

PBF with nat

Hi

 

So I have 1 internal address that when it goes out via the PA to the internet (SNAT) i want it us a specific route - net hop.

 

So it looks like I can't set pBF on source address (SNAT). has to be on the original address.

and I can't specify outbound

...

Resolved! Question about Active/Active HA with Layer 2 Interfaces

Hello,

 

I have read the Administrator's Guide and the Use Cases for Active/Active HA but just wanted to get some confirmation that I am understanding the requirements correctly. We have two identical Palo Alto firewalls that we want to setup HA with.

...

Global Protect new Linux UI

I have the GP Linux CLI client working without any issues, however I wanted to test the UI client that just came out (5.1.0) Does anyone know how to actually use this? The PAN documentation has not been updated to mention this new version or the Linu

...

hshawn by L4 Transporter
  • 35633 Views
  • 18 replies
  • 0 Likes
  • 24011 Posts
  • 115 Subscriptions
Top Solution Authors
Top Liked Authors
Labels