General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Cisco Policy Based VPN - ProxyID Query

Hi everyone,

 

I am receiving the below error on a Palo to Cisco policy-based VPN.

 

'IKE phase-2 negotiation failed when processing proxy ID. cannot find matching phase-2 tunnel for received proxy ID. received local id: 10.45.33.253/32 type IPv4_address

...

baz00r by L0 Member
  • 2244 Views
  • 2 replies
  • 0 Likes

Resolved! Force Template Values

Hi

 

If someone overrides a setting locally on firewall, can this be further overidden by Panorama using force template values?

 

... and is that instance what happens to the green and orange cogs?

 

Thank you

nawaza by L2 Linker
  • 7357 Views
  • 2 replies
  • 0 Likes

Router on a stick with VLANs

I have a single HPE 5400 that links to a PA-820. I have an untagged p2p VLAN on a Layer3 interface on the PA. I use this as the "MGMT/LAN" side. The HPE is doing routing for internal networks.

 

To add another VLAN, I tagged that same port on the switc

...

Export traffic logs in CSV

Hello All,

 

I have tried to export logs from firewall its reach limit up to 1048576 rows, this is only for 3hr logs can anyone have the option to filter logs or can we exceed this limit.?

proxy_arp_pvlan

Hi all,

 

I was dealing with a scenario recently which I eager to use the Palo Alto firewalls.

In my design, it is a must to use the feature which is called ARP alias in Cisco terms, and ARP publish in Juniper terms. In case of Linux as Palo Alto is usi

...

seek_2 by L1 Bithead
  • 4436 Views
  • 3 replies
  • 0 Likes

Resolved! types of PA firewall inspection

Hello community!

 

I have a question, checking my stick high firewall, I wanted to know if in my firewall I could configure the inspection mode. I have seen another product from another manufacturer that has 2 inspection modes that are the flow mode an

...

Azure Cloud IPs with Service Tags - REST API

I know there is a miner today for the Cloud IPs with Service Tags from a JSON file download.

 

There is also a REST API that could be used to pull this information, and would in a way work better than the existing JSON file, because you can split on lo

...

HIP Check licensing expired

I thought that HIP check licensing expiration (trial version), would cause any rules on the FW - using a HIP check profile column to not match.   Instead, it appears that it causes the firewall to simply not care about that column at all.... and allo

...

Sec101 by L4 Transporter
  • 2649 Views
  • 3 replies
  • 0 Likes

Resolved! Global Protect Saving User Credentials Security?

After reviewing a few documents, I'm hearing that doing this is not a best practice....  If I choose to do so, does anyone know where those credentials are saved and how they are saved  in the agent on the endpoint? 

 

I'm guessing encrypted cookies ar

...

Sec101 by L4 Transporter
  • 23275 Views
  • 13 replies
  • 0 Likes
  • 24128 Posts
  • 102 Subscriptions
This widget could not be displayed.
Top Solution Authors
Top Liked Authors
Labels