General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Join the Fuel User Spark Event on March 19: Dealing with Threats !

 

Join us at the Fuel User Group Spark Event on March 19!

 

Get ready to ignite your cybersecurity knowledge and connect with industry experts at our upcoming Spark event hosted by the Fuel User Group. Whether you're a seasoned professional or just

...

kiwi_0-1709893724672.jpeg
kiwi by Community Team Member
  • 281 Views
  • 1 replies
  • 2 Likes

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question. Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

JayGolf_0-1691518400714.jpeg
JayGolf by Community Team Member
  • 3165 Views
  • 2 replies
  • 14 Likes

Resolved! Using PA220 as a "switch"

Hey all, i got a question that im not sure how to solve.

This is my setup/what i want to do do.

 

I got a L3 internet line on Ethernet1

On eth2 i got a CAT2960L with vlans 10 and 20.

On eth3 i got a CAT2960L with vlans 10 and 20.

 

I got 2 2802i with mobili

...

holten by L1 Bithead
  • 5033 Views
  • 4 replies
  • 0 Likes

SSL certificate expiring soon

I have a wildcard cert issued by godaddy which I use for inbound decryption on approx 10 dmz servers. it is set to expire soon and we've got a new cert. how can I seamlessly import it and not break the client connections as my server admins servers 

...

Can't commit in Panorama 8.1.4

Trying to add a new firewall into panorama, Im simply adding the serial number to the manageded devices and when I try to commit I get the following:

 

Validation Error:
deviceconfig -> system -> panorama-server constraints failed : Panorama server addr

...

Captive portal is not working on Chrome browser only

Hi Team

 

In my premise we have more than 200 machines, In all of the machine Captive portal is not working on chrome browser only but its working fine on IE and firefox browser.

 

Its not seems like browser issue. Something related to PA firewall. 

 

Plea

...

Dynamic DNS and an SSL cert

How can I use dynamic DNS and SSL cert on the outside interface of the palo alto for global protect?

 

I do not have a problem paying for something but I figured there is a way. I do not have a "server" at my home that is always on so I would need the

...

Application incomplete or Non Applicable

I have seen this so many times and I am wondering who you deal with it efficiently when making a rule. 

 

I see a standard port of like 443 or 8080 but with a rule that has application defined as SSL or web-browsing it doesn't hit the rule due to the a

...

Pa220 problem with random reboot

We are having 2 x PA220 with latest software and they are rebooting when we are using web management. I am fustrated, I opened support ticket (own premium support) and I have two options; to downgrade to 8.1.x  or wait 2 months for bug fix (HTTPd pro

...

Resolved! Test TLD

We block the "unknown" category in web browsing. This recently became an issue when an application needed to be accessed by its IP address. If the user hacked his HOSTS file to set the name test.test.test to that IP address, he was able to get to the

...

testtesttest.PNG

Palo Alto interfaces configuration

Tell me, please, if the device is not registered on the portal, will the firewall work? I connected PA-220 with PA-820 by patch-cord, but in the CLI I don't see the MAC addresses on these ports. Addresses from the same subnet.

PA-220 Eth 1/1 config:

PA

...

pa220.JPG
pa820.JPG

Resolved! SSL Decryption Certificate Issues

I have created the SSL decryption certificate and applied it using group policy. When testing I have several workstations that work with no issue but many others that recieve certificate errors. I cannot find any difference in the browser setup, the

...

Millette by L1 Bithead
  • 3863 Views
  • 4 replies
  • 0 Likes

New GitHub Miner

I just wanted to share that I have created and published a miner for github.com address space. It uses the github meta api endpoint and offers miners for each category of github's address space. These are git, hooks, pages, and importer currently.

 

...

Panorama configd crashing

9.01 and 9.0 - configd crashed on small changes to objects or templates

 

prior 8.17/8.14 - reportd crashed.

 

vm esx 16 cpu + 32 G RAM

 

Anyone experiencing this?

Rulebase Organization and Flow

I hate having OCD sometimes because its things like this I struggle with. How are others organizing their rules? Are you grouping them by source IP? Zone? Common Apps? I have "business units" so each business unit has rules. So After each group of bu

...

  • 24091 Posts
  • 99 Subscriptions
Top Solution Authors
Top Liked Authors
Labels