This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Is windows VPN client and split tunnel supported?

Dear community, I configured Windows 10 vpn client to connect to the globalprotect gateway and it works fine, the only thing that it´s not working is split tunneling. Cannot see the Access Route For Third Party Client on the gateway like this example:https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClIDCA0 Then checking ...

Carracido by L4 Transporter
  • 3737 Views
  • 3 replies
  • 0 Likes

CDL - Disconnect from log server

Has anyone else experienced many more "Disconnected from Log collector Server" alerts since the CDL Migration to GCP? I used to get one every now and then but since the change, it's increased dramatically. Every time I check, the firewalls are logging properly, it's just annoying to see these alerts. Also, any news on when CDL will start allowi...

MikeC by L3 Networker
  • 3413 Views
  • 2 replies
  • 0 Likes

display issue for filter user.src on different vsys(include all vision)

Hi Guys We got the issue for display src.user of different vsys(include ALL),for example, when I filtering src.user(abc.com\CDE) on traffic tab of vsys1, then unsuccessful displayed blank src.user on tab, but when I clear filter index, we can see specific user(abc.com\CDE) on traffic tab. another method, we tried filtering same specific user on ...

TysonLiu by L2 Linker
  • 4112 Views
  • 4 replies
  • 0 Likes

internet ipv6 to on-premise ipv4 nat

Hi all, there is a domain abc.com and there is an ipv6 dns record for that.so when using ipv6 from cloud is it possible to destination nat this to the ipv4 server inside. I know as a workaround we can add an ipv6 ip to that server but it is not possible now. (INTERNET)ipv6 (client)----- ipv6 FW ipv4 ---- ipv4(server) Regards

PanIst by L3 Networker
  • 3855 Views
  • 3 replies
  • 0 Likes

Devices Stopped Sending Logs to Panorama

We have five (5) devices managed through Panorama. Two of them are still generating logs, while three of them have stopped sending logs. Please assist. it the logs Stops to receive from the device and The traffic and threat logs can be viewed when looking directly on the firewalls, but are not visible on Panorama It has noted that panorama could...

Resolved! Queries on PA Firewall migration - DNS Security and Interface redundancy

Hi Team,I have a couple of queries.1. Currently the customer is using Redundant interface in Juniper, we will be migrating to PA. One interface is connected to a router 1 for internet and another interface is connected to a different router for data. How can we tackle it ? PBF is the suggested solution or is there any other way by which we can d...

Request for Palo Alto PSE Certification Clarification.

Owing to the syllabus changes in the palo alto course work material. I would like to request for your clarification with regards to taking PSE-StrataDC Proffessional exam. Is there any prerequisite certification that I MUST undertake before embarking on the PSE-StrataDC Exam?. Your prompt answer shall be of much value.

Milimu by L0 Member
  • 3443 Views
  • 1 replies
  • 0 Likes

Permission issues with "Introduction to Cybersecurity (EDU-010)"

Hi,Could someone please check why I receive the error "403 - Forbidden: Access is denied. You do not have permission to view this directory or page using the credentials that you supplied." for the module "Introduction to Cybersecurity: Mobile Security and Virtual Private Network Management with Prisma Access". All other modules load ok. Thanks

Incorrect password expiry notice in GlobalProtect

My client is running GP 5.0.8 clients to a 9.0.9 Palo Alto gateway. Globalprotect doesn't seem to be using the fine granular password expiry details from AD. Its saying the password will expire in 6 days when it wont actually expire for many months. Is there a setting i must change to have GP reference the correct source for password expiry in...

Global protect disconnect popup message

Hi All Hope you all are safe and good. I have one small query. If global protect VPN automatically disconnected ( For example internet issue ), it is not showing alert popup message on screen that GP vpn disconnected. Is there any way to show GP VPN disconnect popup message on user screen? RegardsMohammed Asik

Policies for Students

Greetigns So when our Palo was originally set up we created a policy for Students and for Staff.In the student policy > Application. ANY has been unchecked and a custom group has been selected.STUDENT-DOMAIN-APPS which is found under Objects > Application Groups which has a rather long list of applications selected. We then after that crea...

Wykeham by L1 Bithead
  • 3981 Views
  • 4 replies
  • 0 Likes

Resolved! Log filters nested and/or problems.

Is there a proper guide to filter wrtiting and nesting???? Trying as hard as I can but the Palo does nto seem to like basic logic for searching Basicaly the below should alert if the following Medium or higher, threat 40031 except if the destiantion is 192.168.10.140.Not for threat 30664Not for threat 37610 (severity geq medium) and ( ((ad...

DHCP Options

We have several firewalls (mixed between PA-850 and PA-3260), each firewall is segmenting a diffrent regulatory compliance (PCI,HIPAA, CJIS, DOD and so on) network (with multi vlans in each segment). Some segments are not large enough to warrent thier own DHCP servers, so we are using the Palo DHCP (we do not want to use DHCP relay, we want t...

jgeranen by L0 Member
  • 2196 Views
  • 1 replies
  • 0 Likes

2 internet lease line links. (Single ISP)

two PA firewalls and we configured in HA (Active-Passive mode).We got /28 subnet from ISP for 2 internet lease line links. (Single ISP)configured links on one firewall with IP 99.100.100.111 on interfacet 4 and 94.100.100.110 on interface 2. With next hope 94.100.100.109after commit we got interface overlap error.Is it possible to configure this...

bit_byte by L2 Linker
  • 3275 Views
  • 2 replies
  • 0 Likes
  • 24381 Posts
  • 123 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks