General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

AWS VPN Tunnel and Path Monitoring

I have 2 AWS instances(Prod and Stage) each with redundant VPN tunnels to the same remote end Palo. I setup path monitoring for each so that when one tunnel is down, the route is removed and the backup route is put in the FIB. This only works with our stage instance and not our prod instance. In each case, the tunnel state on the AWS side doe...

eridavis by L1 Bithead
  • 5073 Views
  • 3 replies
  • 0 Likes

Delete GlobalProtect Client from firewall

On a PA-500 we locally downloaded the GlobalProtect client and activated it. Now we want to remove it from the firewall, because we are deploying it via our software deployment and the users should not be able to download it directly from the Portal. Unfortunately it's not possible to delete an activated GlobalProtect client via GUI or CLI. Is...

Tobi by L2 Linker
  • 5889 Views
  • 3 replies
  • 0 Likes

Sectigo CA Chain Decryption Issues

Due to the recent expiration of the Sectigo RSA CA cert (https://support.sectigo.com/articles/Knowledge/Sectigo-AddTrust-External-CA-Root-Expiring-May-30-2020) and our Palo firewall SSL decryption policy configuration to block expired certificates we are noticing that any website that is publishing the old expired CA chain (for example netaoc.or...

Monitor Firewalls through Panorama (SNMP, API query ...)

Hello,I am trying to monitor some firewalls via snmp but just asking to the Panmorama devices that are managing these firewalls:If I run a snmpwalk using this OID 1.3.6.1.4.1.25461, the information about the firewalls that I get from the Panorama is just logs related information.For example:-- Connection id of the device being polled-- Log Type ...

Resolved! Connect Palo Alto with Azure AD

Hi, It's possible make this integration? Is the same configuration like a Windows Server AD?, I didn't found any article that talks o explain this topic. thanks in advance Mats

PaloAlto Firewall - Onsite Spare Unit Ownership Issue

Dear, We are planning the refreshment the Firewall, and this has an option for Onsite Spare Unit. If we purchase the firewall with OnSite Spare (OSS), WHO is ownership of the OSS hardware (end-user customer or vendor/SI or PA)? Thanks & Regards,James

Resolved! Certificate issue

Hello Team, I want to import certificate in firewall but facing issue. below is the snapshot.certificate extension is ".crt"I have a below query regarding this:- 1 - Is paloalto support ".crt" format.2 - is paloalto support ".cer" format.3 - Is paloato support ".PFX" format.4 - Is .crt and .pem format are same. Any one can give me suggestion on ...

Joshan_Lakhani_0-1593009107357.jpeg
  • 24396 Posts
  • 123 Subscriptions
Top Solution Authors
Labels