General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 497 Views
  • 0 replies
  • 0 Likes

Enabling Jumbo Frames on HA Pair

I have an active passive PA850 pair, and want to turn on jumbo frames. 

I wondering about the best order-

Can I:

do the passive unit first, and reboot

fail over and do the primary then fail back.

 

Any issues with the HA function while one unit has jumbo e

...

NeilR by L2 Linker
  • 3706 Views
  • 1 replies
  • 0 Likes

Resolved! GlobalProtect HIP check issue

 

HIP object is correctly setup.

 

We are testing the missing patches HIP check object and noticed that an VPN endpoint is showing 3 missing patches (on the HIP report).
However the machine is showing it's installed these patches already.
How does Palo de
...

Resolved! DNS Security - High Risk Sites

thumbnails.trvl-media.com used by www.hotels.com to host its images is classified as a high risk site

If this is a false positive, how do I get Palo Alto DNS Service to take a second look or find out why it's classified as high risk?

 

How are other peo

...

DMZ, inside, outside - is it simple thing?

Hi there.

 

I have a PA-200.

Internal net is 192.168.0.0/24 eth1/2 , inside L3 interface  (default gw) -  192.168.0.254

One external ip address is using for outside inteface, eth1/1.

For connection to Internet I typically use pair inside-outside with:

1. N

...

mxe2fmk by L1 Bithead
  • 8164 Views
  • 6 replies
  • 0 Likes

Unable to reach GP Portal while on internal network

Hi All,

 

I was working with a site that has a PA firewall with a GP Portal and Gateway.  Some time ago, I had an issue where my users couldn't upgrade their globalprotect version while in the office. I was able to resolve this issue by creating a No N

...

ce1028 by L4 Transporter
  • 5832 Views
  • 4 replies
  • 0 Likes

Dual Isp - Two webserver

Hi all,

 

i have a problem, maybe stupid for all of you, but i can't understand how to configure my pan-220.

I had only one isp and all it's ok (internet, webserver, 2 vlans, etc).

Now i have another ISP and, if is possibile, i need to publish a web serv

...

SSL Decryption severe throughput impact

Hi

 

EDIT2: Please see follow up post below

EDIT: One open ticket is being investigated by TAC escalation as a possible known issue. I will update again as I know more.

 

In the last month 3 different customers came to me with the same issue - when SSL De

...

ShaiW by L4 Transporter
  • 5705 Views
  • 2 replies
  • 0 Likes

GLobalProtect Portal not found

I can get to the GlobalProtect portal on the PA firewall from outside and login and download GlobalProtect client.  However, after installing the client and try to connect, it says "Portal not found"

 

Any ideas?

 

Client is joined to domain, it did not

...

Resolved! Policy-Based Forwarding with dual ISP's

Hi ALL,

 

We are planning to build active passive PA with 2 ISP's and want to send S2S VPN traffic through ISP1 and Internet traffic through ISP 2.

 

We are running static routing for both the ISP.Can someone suggest how to configure PBR in PA.

 

PALO_ALTO.JPG
Yusuf_PA by L1 Bithead
  • 7789 Views
  • 6 replies
  • 0 Likes

Resolved! Minemeld. Add a single IP via Api

Hello.

I am absolutiely locked trying to send a single IP to minemeld (as an indicator) from a script.

Some help or tips will be very appreciated:

 

I want to add a single IP via API to Minemeld 

I figure out (I haven't found documentation) I need a

...

Email Notification Alerts for VPN connections.

Team,

 

We have started WFH facility for all of our users.

We have deployed GP portal and client to connect corporate network.

As per security requirements,We would like to receive the email notifications when the user connected to vpn client.

 

Can any on

...

  • 24092 Posts
  • 116 Subscriptions
Labels