General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Threat Vector, a Unit 42 Podcast, is Now on LIVEcommunity!

We have some exciting community news to share: Threat Vector, a Unit 42 podcast, is now on LIVEcommunity!

 

Threat Vector is your compass in the world of cyberthreats. Listen to this biweekly podcast to learn about unique threat intelligence, cutting

...

jforsythe by Community Team Member
  • 88 Views
  • 0 replies
  • 0 Likes

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question. Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

JayGolf_0-1691518400714.jpeg
JayGolf by Community Team Member
  • 3331 Views
  • 2 replies
  • 14 Likes

GlobalProtect Portal hostname for client endpoints

Hello all,

 

I've been trying to find out if it's possible to assign a hostname to a portal so that clients' portal list on their workstations have hostnames rather than IP addresses. I work in an environment where IP address for different "sites" are

...

Resolved! Enable licensing API?

When attempting to enable the Licensing API through the customer portal I get the following message.  Unfortunately there is no "Enable link below" to click.  Any suggestions?  Yes, I have opened a support case but was hoping the forums would be quic

...

Active/passive vs active/active recommendations

Hello,

 

We are about to work on a Paloalto cluster deployment, which will be sitting next to the internet (we will have two separate providers) and we need to make the decision whether we configure it as A/A or A/P.

I keep reading in quite some places

...

Resolved! SSL Decryption for Office 365 and Sharepoint

We want one user to access sharepoint and sharepoint only via the internet, everything is to be locked down.

 

We have gone through the KB below.

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClTDCA0

 

It says to enable SSL Dec

...

SampleScreenshot.jpg

Certificate for gateway

My CA is Portal / Gateway  firewall it is having different template group and LSVPN HUB  firewall on different template group.

 

I have created new certificate for HUB  gateway on Portal/GW template , exported it from template group and imported it on

...

Resolved! Unable to view Global Protect Authentication Logs

Logged into Panorama CLI and typed this is:

show log system eventid equal globalprotectportal-auth-succ

 

No logs showed up.  Also tried from the gui:

Monitor > Logs > System and filter using (eventid eq globalprotectportal-auth-succ)

 

Still nothing...is

...

Resolved! IPSEC VPN NAT issue

I have a VPN request where  peer's IP range is conflicting with one of my internal IP range. 

They are asking me if I can do a NAT on my end to resolve it but based on my experience it must be them who should do a NAT. 

please correct me if I'm wrong.

Not able to introduce "?" in log-link

Hi,

 

Im trying to configure a log-link web with the character "?" in the middle but the PA is deleting this character "?"

Do you know if there is any way to put the question mark character "?" in the URL

 

for example this:

set deviceconfig system log-lin

...

BigPalo by L4 Transporter
  • 5337 Views
  • 7 replies
  • 0 Likes

Auto switch between internal & external gateway

If I mix external and internal gateways in the same portal.

Does GlobalProtect automatically switch gateways when users work in the office or work outside?

 

In the current situation, when I use GlobalProtect in my office or office, I need to manually s

...

Policy Optimizer Additional Apps

Hi, we have Policy Optimizer enabled and looking at the data there appears to be 'seen' apps that are not actually allowed by the rule:

 

 

I'm thinking someone edited the rule (from perhaps 'any' to 'sip') but cannot confirm in the logs (rule is also s

...

spi.PNG

Understanding AppId Dependency Implications

I've run in to a few instances where I need/want to allow a specific App with a specific policy, but it has a dependency I don't want to include with the same policy. I'm wondering if I need to rethink how I arrange these rules.

 

The most recent examp

...

ResponseError: MISCONF Redis WARNING

I have been noticing my Minemeld instance doing funny things like not being able to log into the web portal and getting a bad gateway. In short I have to restart the Minemeld service. I found the following error.

 

2019-10-07T17:41:54 (64580)basepoll

...

Romans6 by L1 Bithead
  • 2196 Views
  • 0 replies
  • 0 Likes
  • 24125 Posts
  • 100 Subscriptions
Top Solution Authors
Labels