General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

MFP devices wont scan to email anymore

Hello guys and Happy New Year!!First time when I use an palo alto device. So I configure this device PA-220, and I put it on my network.Everything works great but I have some problems; For example now all my MFP devices wont scan to email anymore. I use PAN OS 8.03. Some advices ?Thank you,

Resolved! Removing Un-Installed PANs from Panorama> Templates

We've closed an office and took the two PA-500s off the network, and are now attempting to remove them from Panorama (following this procedure: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000Cmd6CAC ). Everything is good up to 3 a. Panorama Templates: Remove the device from "Template-Stack"...I have multiple devices i...

Resolved! how to View Pre-Shared key in PA

i'm have issues with IPSEC Tunnel which is configured by another engineer. currently facing issues with Tunnel connectivity and i need to cross verify the parameters. So can someone guide how to heck pre shared key in plain text format @IPSec IPSec S2S VPN between Palo Alto and 3rd party Security FW Vendor -> ISAKMP Negotiation Question regar...

Virtural router how many do have and when to have multiple

Hi So I am doing some network segregation. I have vr with say 40 interfaces on it.I want to add 3 more.can i create a new vr (vr_b)place the 3 interface on the new vr (vr_b) and then create a vlan to connect vr original (vr_a) to new vr (vr_b) When do you create a new vr ?And what is the down side.

Resolved! Slots as it relates to interface

Apologies for the simplicity of the question, but can someone help me understand the relationship between slots and interfaces? Network > Interfaces > Add Interface (You pick a Slot and then an Interface Name) - but I don't understand what one has to do with the other. Hopefully my questions makes sense to someone. Thanks.

Resolved! It's possible to block custom file hash-256

It's possible to block custom file hash-256 in Palo alto.Please let me know how I can check the respective file hashes disposition at a wildfire, either it is in block or not. Here is below the file hashes need to know for disposition. f743c0849d69b5ea2f7eaf28831c86c1536cc27ae470f20e49223cbdba9c677ce56d45628f0c2bda30ab235657704aac50a8433bdb4215c...

PA-Aggregate-Group-Configuration-Dual-Uplink-Core-Switch

Dear Techs, Hope you all are doing fine and safe. Can some one give me an insight on how I can configure 'Aggregate Interface Group' so that I can maintain a high availability for Internet traffic with my core switch? To make it more simple. The below is my current scenario. From a single cisco core switch, up-links goes to the firewall and the...

Resolved! Issues with login into Certmetrics

Hey guys, I just completed PSE Professional certification and received on e-mail that I can look up my Certification. This would be my first time logging, so I chose that option. When I enter my e-mail address that I used to apply for exam, I get this message: Unfortunately, more than one candidate in the system is using this email address. You ...

DKasabji by L2 Linker
  • 6896 Views
  • 2 replies
  • 0 Likes

Can an EDL be used in log searches and custom reports?

I'm interested in blocking inbound traffic from known TOR exit nodes. I have the EDL but want to see what the impact of this policy will be before enabling it, so I'd like to search the traffic logs or run a custom report using the EDL like an address group. Our 7050 (9.0.9h-1) doesn't like the EDL as a search term. Is there a way to do this?...

gleduc by L1 Bithead
  • 3826 Views
  • 2 replies
  • 0 Likes

Resolved! test security-policy-match shows blank output instead of "No rule matched"

Hello to the community, First I'd like to thank everyone for contributing. The community is invaluable. I was wondering if anybody have any ideas why I always see this behavior? Reading through the discussions and doing my own research, I have seen it result showing "No rule matched" whereas my output is always just blank when no rule is matched...

gb2057 by L1 Bithead
  • 5638 Views
  • 2 replies
  • 0 Likes

Dedicated Log Collector interfaces

All, I am having trouble finding good documentation on this. Hoping maybe the community has experience with it. I need a few questions answered. We have 2 M600 dedicated log collectors. We plan on utilizing the 10 GB interfaces for Device Log Collection. That part is clear as spring water. The part that is very muddy Log Collector External Log F...

Administrative Install

I'm having trouble finding the correct administrative installation process. I have several field reps that do not have administrative rights to their laptops. I need to install GlobalProtect for them and have it pre-configured with proper certificates, portal addresses, etc. My certificates are self-generated by the firewalls, so are not trus...

Syslog - LFP options

Hi Guys We have PA with version 9.0.4 and have to configure Syslog server log forwarding on the same. Created (syslog) server profile..Now creating "Log Forwarding Profile" there are options "forward method" and "built-in-action" available there. which is not giving so much clarity what need to be configure there, Referred few articles available...

Jimmy20 by L2 Linker
  • 4633 Views
  • 5 replies
  • 0 Likes

Converting a cluster to FIPS-CC?

Given all of the hurdles one has to go to to get a stand alone device converted to FIPS-CC, I'm told I have to do this on a cluster, so needless to say my anxiety is a bit on the "through the roof" side. Maybe I'm not looking hard enough, but I'm unable to find the steps for an active/passive cluster. I'm assuming someone has already done this,...

  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels