General Topics

Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 193 Views
  • 0 replies
  • 0 Likes

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 875 Views
  • 0 replies
  • 0 Likes

Resolved! traffic shaping/qos on palo alto

Hi,

We have 400/400 up and down mbps connection, your ISP does not shape the traffic and have asked us to shape it.

Applying qos on the outside interface both ways, how would we achieve it?

 

if I only set the egress then i am only setting the speed for

...

Load balancing on palo alto

Hi Guys,

I am just wondering if the following scenario is possible 

Load balancing between the two client  VPN Gateways so half the clients connect to one VPN server at site A, and the other half connect to Site B.Palo alto firewalls on both sides.

Minemeld - NGINX reverse proxy

Hi

 

I am trying to setup a minemeld server (docker image https://hub.docker.com/r/jtschichold/minemeld/ ) behind a Nginx reverse proxy. This however is to be hosted on a subpath, however I cant seem to get the authentication to work (This all works co

...

Resolved! Can you Exclude an address from your traffic search?

the following search string 
( app eq dns ) and ( port.dst eq 53 ) and ( addr.dst in 8.8.8.8 )

searches and displays all dns traffic using port 53 that has the destination ip of 8.8.8.8

I would like to know if I can look at all dns traffic traveling on

...

Expedition migration tool steps

Hello all,

 

I am planning to migrate our two checkpoint HA clusters (Active-Standby) with Palo Alto with the help of Migration tool. I never used migration tool ever. Can someone brief me steps to be followed for successful migration?

johnde by L2 Linker
  • 3320 Views
  • 1 replies
  • 0 Likes

Resolved! Configure WebGUI certificate from CLI (PanOS 9.0)

Dear all,

lost access to the WebGUI.

opaque: websrvr: Exited 4 times, waiting 1770 seconds to retry

 

Before that I received another email from the firewall:

opaque: Shared certificate xxx and corresponding key have expired.

(OK, I know, my fault)

 

So I sus

...

high MP CPU load due to appweb3 process

PA-5020, sitting on 8.0.4.

From time to time MP load increases rapadily due to appweb3 process going above 300%. Looking like this:

 

There is no direct correlation found between the spikes and actions taken within the GUI. Spike may go on for a while -

...

cpu-load.png
nikoo by L3 Networker
  • 8616 Views
  • 4 replies
  • 0 Likes

QOS Bandwidth Limitation Download & UPLOAD

I would like to understand bandwidth limitation steps on Internet download and upload

 

Example - lets say i want to restrict steaming url category on download and upload

 

1. create QOS policy to map traffic going to inside to Internet  youtube as Class

...

kan0062 by L1 Bithead
  • 6850 Views
  • 1 replies
  • 0 Likes

Resolved! After Forward Trust certificate is renewed

After Forward Trust certificate is renewed is there a way to validate the renewed certificate is working correctly from either GUI or CLI?
Device > Certificate Management > Certificates > Forward UNTrust Certificate

GP prompts for internal gw connectivity

Hi all,

 

I've deployed a GlobalProtect installation solely for the purpose of User-ID. The GP agent connects to the internal portal/GW (one box) upon login with Kerberos SSO. However, when the internal gateway is not reachable (user has no network, us

...

GP GW Prompt.png
Arne-VDH by L3 Networker
  • 8209 Views
  • 12 replies
  • 0 Likes

Resolved! API - Manage Users for VPN access

Hello Community,

 

i'm currently planing a project which should be able to control the VPN user access via the API.

It should be a simple tool where you just need to click a single button. The tool then activates or deactivates the user for that VPN via

...

JustAGuy by L1 Bithead
  • 3857 Views
  • 3 replies
  • 0 Likes
  • 24009 Posts
  • 115 Subscriptions
Top Solution Authors
Top Liked Posts
Top Liked Authors
Labels