General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Video problems

hi, im having problem with videoconference LIFESIZE, the calls work but we cannot see the video. We have a rule any any permit and we dont know whats happening. I read about disable statefull packet inspection in our firewall. how can i do this in PA??

Customer Support Portal 2FA Disable

In trying to improve the security of our access to CSP, I enabled 2FA at an account level. In testing, it was not as configurable as I wanted, so I disabled it for the account. In attempting to disable it for my own account (as required after enable/disable for the account), my profile change is not saved. I will get the "changes saved" messa...

cdwing by L1 Bithead
  • 3178 Views
  • 1 replies
  • 0 Likes

Resolved! How to clear global protect previous users

I configure global protect users in address about 1000 for future plan.but users is only about 200.when gp users connect, it cannot get old IP address. Get new IP address.How can I clear previous users and IP address.

zayyar by L0 Member
  • 7041 Views
  • 2 replies
  • 0 Likes

Minemeld Gridmeld Cisco ISE integration

Hi, recently we configured Minemeld with Gridmeld to fetch SGT-IP bindings from Cisco ISE over RestAPI (PxGrid). Minemeld is pushing the SGT-IP Bindings correctly into the dynamic object groups. However, we noticed the IP to tag bindings are sometimes missing from the Palo Alto (checked with "show object registered-IP all") and 1 minute later ad...

Isssue with EDL updates

We have already configured the EDL feature in Palo Alto but the following behavior of Palo Alto has been observed while accessing the digital App and digital.com from the internet using 03 different blacklisted public IPs by Spamhaus (which is also used by Palo Alto). Two of them are allowed while one IP is blocked, while the Palo Alto Spamhaus ...

IP 1.JPG
IP 2.JPG
IP 3.JPG

panwdbl request

I have few Public IP which is blacklisted by there respective publishers, but it's not listed to panwdbl.appspot.com list. How I can send a request for updating the those IPs

PAN-ENT-PLAT-ESA-TT-1YR

Hello Dear All, Can you provide me with specification documents for these part numbers:PAN-ENT-PLAT-ESA-TT-1YR, PAN-ENT-PLAT-ESA-TT-3YR, PAN-ENT-PLAT-ESA-TT-5YR?Appreciate your fast responseThanksAhmed Sabry

AAhmed by L1 Bithead
  • 5788 Views
  • 6 replies
  • 0 Likes

Resolved! strange problem only with a full tunnel on one gateway

I have two gateways where users are predominantly using split-tunnels. When I connect to Gateway A with a full tunnel, I can load public webpages and intranet sites. When I connect to Gateway B with a full tunnel, I cannot load public webpages like cnn.com, traffic logs show application incomplete to untrust zone, and traffic to the trust zone ...

New VM-100 deployment, cannot ping or tracert to external websites

Just setup a new VM-100 device in Azure. SSL decryption and security policies are in place. My test client PC can browse the web, and all of the policies seem to work. However, I cannot ping or tracert to any public website (e.g., www.apple.com). The DNS resolution works, I see that the ping traffic is allowed in the monitor tab, and I disabled ...

HA failover between two geo-separated firewall

We are going to configure Active-Passive HA for PA3250. Primary and secondary device both at different locations , distance - 25 Kilometer.Location A ( Primary FW) --- L2 switch -------------P2P link 60 Mbps-------------------------L2 Switch -------Location B ( Secondary FW)For above scenario , can we use common P2P link for HA1 and HA2 ? We wil...

Deepak_K by L3 Networker
  • 4800 Views
  • 1 replies
  • 0 Likes

PAN 3220 fail without Backup

Dear,I have a PAN 3220 that has failed and I have not been able to back up to put another PAN 3220 that I have as a spare, which they recommend ? Swap the Disk ???

Wildfire cloud registration attempts without license

Hi,I am having an issue with PA-220 appliances attempting to contact wildfire cloud. They do not have Wildfire license, but are attempting to register at wildfire.paloaltonetworks.com. The issue is that the firewalls are attempting to set up this connection and generating a lot of unnecessary traffic. How can i stop the firewalls from attempting...

jonasa_0-1596616875599.png
jonasa by L0 Member
  • 3035 Views
  • 2 replies
  • 0 Likes

Help allowing .dll files for VPN users

Hi, Like everyone, we have a lot of folks working from home. We use a CRM system called Ajeera, and in order to load up the various modules, the client system downloads an app from the server, which includes a .dll file. In the office, it works just fine, over VPN the .dll file is blocked. (It's a "ClickOnce" app, which is a new term to me, but ...

  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels