General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 356 Views
  • 0 replies
  • 2 Likes

Allow downloading from Akamai or other CDNs

PANOS 8.1

 

Hi all - I have ongoing issues with trying to control downloading of files from CDNs. An easy example is .cab files used by Microsoft Office templates. When you download a template it goes off to a page off: templatesmetadata.office.net, bu

...

SARowe_NZ by L3 Networker
  • 4000 Views
  • 2 replies
  • 0 Likes

Resolved! Multi VSYS, VRs and ARP tables?

Hello team,

 

I will be deploying a couple of 3250s in HA and multi VSYS, and VRs.

 

My main concern is that are we getting separate ARP tables per each VSYS/VR? Let me give you some more background about what we will try to achieve:

 

We want to create 4

...

clipboard_image_0.png

Resolved! Block all traffic but a single IP Address

Let me start by saying that I am not a firewall expert by any means but I think the task I have is simple. I want to block all traffic through a PA-500 except for a single conversation between a dedicated machine on each side of the firewall. Is ther

...

hdaigle by L0 Member
  • 4339 Views
  • 3 replies
  • 0 Likes

Resolved! GlobalProtect VPN - Management Access

Hi,

 

Does anyone know a way to get access to the panos web management interface over a globalprotect VPN? We are using three interfaces on our firewall;

 

1 - Management Interface

2 - Trust

3 - Untrust

 

Global Protect is setup on the trust - and I have a r

...

HyderB by L0 Member
  • 4860 Views
  • 2 replies
  • 0 Likes

Issues observed in PANOS 8.1

Hi All,

 

I upgraded the PANOS from 8.0 to 8.1 last week, current version is 8.1.0. Now I am observing some issues.

 

1. Traffic logs are not showing source user.

PA is connected with active directory via WMI, connection status is fine. Source User in sec

...

Resolved! Address to use for Tunnnel Monitoring with Azure VPN

I have used this KB article to configure an IPSec tunnel to an Azure network

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000Cm6WCAS

That has worked fine and the tunnel is up and passing traffic.  However I want to enable tunn

...

djr by L4 Transporter
  • 7904 Views
  • 2 replies
  • 0 Likes

Resolved! Commit Function on Suspended PA

When PA is in active passive mode.
I suspended the active PA and passive took over.

This is fine.

 

 

 

I did the config changes on the suspended PA and did the commit.
I saw that config changes from suspended PA got syn with active PA?

My understanding of s

...

MP18 by Cyber Elite
  • 2749 Views
  • 2 replies
  • 0 Likes

Upgrading

I need to update my firewall from 8.0.17 to the latest release of 8.1.  In the past I was instructed to first upgrade to the base release for the PANOS, and then install the maintenance release on top.  Is that still the way it should be done.? If I

...

Application Override

Hi All,

I have an application override setup and it is working fine.  The reason for the override is because we changed the port number of the application to something other than the default.

 

The way I have this setup is I created a customer applicati

...

Resolved! SSL decrypt exclusion for url ec2-13-57-194-193.us.west-1

 

 

 

Hi Everyone,

 

 

IP  13.57.194.193   ssl decryption exempt was failing and I

In ssl decrypt exclusion list I put  *.amazonaws.com   and still in traffic logs I see the IP 13.57.194.193  getting  ssl   decrypted.

 

I have attached the  nslookup for this

...

clipboard_image_0.png
MP18 by Cyber Elite
  • 4358 Views
  • 4 replies
  • 0 Likes

Update to Notifications in Support Portal (CSP)

Attention Customers with Support Portal accounts:

 

The Customer Support Portal's notification system has been updated to provide additional functionality and ease-of-use in responding to certain notification types.

 

The updates to CSP notifications

...

Resolved! GUI only works with Incognito

Hello -

We replaced our palo last night and now the GUI will only open in Incognito mode in Chrome.

 

I tried clearing the cache.  That didn't help.

Shawverr by L3 Networker
  • 5717 Views
  • 6 replies
  • 0 Likes
  • 23674 Posts
  • 108 Subscriptions
Top Liked Authors
Labels