General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Securing Private Keys with nCipher HSM

We have been trying for months, unsuccessfully, to complete our integration with the nCipher HSM (formerly Thales nShield) in order to protect the private keys for SSL Forward Proxy. The firewall is connected and authenticated to both the HSM and RFS

...

How to install self signed certificate to Android phones

hello all

after upgrade to new GP 4.1.8 there is some kind of problem

The phones try to connect to portal and gateway and after it we get security warning but we continue and get connected

But then when we try to connect ones more the GP says it is fail

...

Radmin_85 by L4 Transporter
  • 2534 Views
  • 1 replies
  • 0 Likes

EDL for Free Email services?

I'm looking for an EDL that would have all the free email services (@gmail.com, @yahoo.com, @hotmail.com, etc..)  Is anyone aware of anything like this, that is maintained, or would we need to build something?  

Resolved! QoS

Hi Community,

 

I am having some queries about PA qos.

My requirment is for example, i need to control upload in following scenario

  • I have a 50 mbps link from isp
  • i have clear and tunnel traffic,
  • My tunnel traffic should not go beyond 25 mbps in any scenar
...

Packet drops in LAN interface,..

Hi All,

For a 5 minutes we are unable to access internet ( even not able to ping next hop router), We observed that there is a packet drops in PaloAlto LAN interface, below snap shows the same. Can any body give the reason for this packet drops?

Please

...

Gururaj by L4 Transporter
  • 7227 Views
  • 10 replies
  • 0 Likes

Question to Signal, Skype and Google Hangouts video calls

Hey guys,

When I want to do a video call with Signal messenger, I need to add two rules:

 

Rule1:

App: Signal

Service: application default

 

Rule2:

App: STUN

Service: any

 

Signal accesses random destination ips on random ports.

 

Skype and Google Hangouts need t

...

MPI-AE by L4 Transporter
  • 1478 Views
  • 1 replies
  • 0 Likes

how to download the ca certificate for the anydesk

HI Team 

 

I getting an error while connecting to any desk error code: could not connect to any desk network SSL_14090086

I tried to add the SSL decryption list but still, the issue remains 

 

how to add the trust certificate for any desk and is there any

...

HemanthV by L2 Linker
  • 5301 Views
  • 1 replies
  • 0 Likes

Resolved! User not in Allow list

Hello,

 

We use SAML authentication profile. with PAN-OS 8.0.13 and GP 4.1.8.

 

Followed the document below but getting error: SAML SSO authentication failed for user. Reason: User is not in allowlist.

 

http://saml-doc.okta.com/SAML_Docs/How-to-Configure-

...

Resolved! userid in multiple VSYS environment

Hello,

 

We are using PA cluster in multiple VSYS environment. We would like to be able to configure user / group based policies across all the VSYS by sharing userid mapping table with all the VSYS (the user identification baseline is the same for all

...

Resolved! Troubleshooting Application Incomplete with two way TCP traffic

We are having issues with one application while migrating the network from ASA to PA

PA is Running 8.0.9 on 3020.

 

Application shows as incomplete with more than 4 packets.

We see trasmit and receive in the PA.

Nothing in threat logs.

 

As per TAC they say

...

MP18 by Cyber Elite
  • 9208 Views
  • 6 replies
  • 0 Likes

Resolved! Phase 1 is down but phase 2 is up- test vpn phase 1 and 2

we have tunnel from PA  to vendor which is using Cisco ASA.

When there is no interesting traffic tunnel is down by design this part is ok.

 

but today i saw phase 1 as red and phase 2 as green on gui.

I did the 

 

test vpn ike command and phase 1 was green

...

MP18 by Cyber Elite
  • 3507 Views
  • 2 replies
  • 0 Likes
Top Solution Authors
Top Liked Authors