General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Panorama - Commit getting stuck at 0%

I have got PAs in two DC, each DC have PA in active-passive unit, when I commit to one of the pairs in one of the DC, the committ is stuck at 0%.

 

I see the Panorama is connected to "Passive" FW instead of the active FW , could be the reason why the c

...

Resolved! MineMeld can not get O 365 JSON format list

Hello

 

[Failure event]
In the case of O365 's xml format, when MineMeld received traffic after ClientHello, I got a list but if I set config for JSON support I can not get a list.

 

[Prerequisites]
MineMeld will go through Paloalto and do Internet com

...

OSPF, VPN, routing and distribution

I'm trying to solve a routing conundrum to improve a remote site and provide redundancy, and hoping others may have some solutions. The short version is that we have the remote site with basic commodity internet using VPN to connect back to two datac

...

PAN OSPF.PNG

Resolved! 802.1x wired authenicaton with MS CA and paloalto

Dear Sir,

I am beginner in 802.1x authenication and paloalto.So please help explained and guide.

I want to use 802.1x with MS CA.Can i use paloalto firewall as a policy enforcer for 802.1x authenication ?

can use PA as a radius server for user log and m

...

crypto by L2 Linker
  • 2912 Views
  • 1 replies
  • 0 Likes

Resolved! MFA "SSL Connect Error"

I am testing Multi Factor Authentication with Okta. I have configured everything (including certificate profile) as per the guide as well as Okta specific YouTube video, The first factor (active directory auth) is working fine, however, I am getting

...

Proof Point Emerging Threats IP List Categories

Is anyone using the following Proof Point prototype:  proofpoint.EmergingThreatsIPs?  

 

The prototype allows you to select certain categories once added as node however it looks like the categories listed within minemeld are not matching up to what

...

jdemery by L1 Bithead
  • 3982 Views
  • 0 replies
  • 0 Likes

Arris (AT&T Fiber) to PA-220

All,

 

I have an Arris (BGW210-700) set up as 192.168.2/24 (DHCPed) and have successfully configured the IP Passthrough to the PA-220. However, I am unable to get outbound from the PA-220. 

 

Has anyone run across this? I have the Arris going into 1/1 (a

...

ckg1999 by L1 Bithead
  • 1410 Views
  • 2 replies
  • 0 Likes

Resolved! Allow internet only after HIP fail

We are looking to configure the firewall rules where if a known user fails the HIP check, the user has access to only the internet, and not the intranet.

 

I currently have the rules configured such that failing the HIP check allows the user to access

...

mikembau by L0 Member
  • 1034 Views
  • 1 replies
  • 0 Likes

Pan-configurator predefined.xml

Hello,

 

I am using Pan-configurator to create some scripts, and i am wondering how to update predefined.xml file.

 

Can we update this file manually or automatically?

 

Kind regards.

Resolved! Hardware Requirements to PA - 5050

 

Hi, i need Hardware Capabilities ( type of Cable, Chassis Height , Data Ports , managment ports ... ) of Palo alto PA-5050 to install in Data center of our customer in cluster with two WLC.

 

Thanks,

RosVerde by L0 Member
  • 1279 Views
  • 2 replies
  • 0 Likes

IP pool problem

Hello,

I have an IP pool for GP users  and IP are no being clearing when users disconnect the VPN, to clear this IPs we have to reboot the FW,

Is there other way to clear this addres ? 

this must be cleared automatically after disconnect?

 

Regards

 

Marivi by L3 Networker
  • 3581 Views
  • 9 replies
  • 0 Likes

Resolved! AWS Multi-VPN Tunnel with Palo Alto NGFW - Flow Issue

My PA NGFW managed to setup VPN tunnels with AWS VGW. AWS given 2 sets of VGW where each of the VGW comes with 2 links that will connect to NGFW 2 ISP link respectively with different set of public IP Address.. Below are the setup flow:

NGFW ISP1 -> A...

Resolved! Migrate config from Panorama template to local device

Just getting my head around the ins and outs of Palos, and some initial lab setup we had leveraged a couple of PA-220s and a virtual instance of Panorama. 

 

Using that config, I'm building a standalone PA-220 and want to recycle the bulk of the config

...

cdawson by L0 Member
  • 1115 Views
  • 2 replies
  • 0 Likes
Top Solution Authors
Top Liked Authors