Enhanced Security Measures in Place:   To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.

General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
jforsythe by Community Team Member
  • 27 Views
  • 0 replies
  • 0 Likes

Import/export device state

Upgrading a firewall from a single fw to an HA pair. My plan is to do a device export of the current active firewall then import that device state to the two new firewalls then setup HA. Some of the config pieces are from PANORAMA. Any issues with im

...

NAT configuration for interface Tunnel

Hi All,

 

I'm in the middle of migrating a series of PAs from one customer to another. The newer system is on version 8.1.10, the other is on 8.0.14.

 

I have configured the VPNs each with a seperate tunnel, pretty standard stuff. I am creating some spec

...

a.jones by L3 Networker
  • 7703 Views
  • 3 replies
  • 0 Likes

Halloween Reaper challenge time!

#spooktober is in full swing so it's time to have a little fun.

Like every year i have a little challenge for you, to see who can up with the most original, creative or just fun entry

 

This year we're doing picture captions, aka. memes!

 

All partic

...

reaper by Cyber Elite
  • 2097 Views
  • 1 replies
  • 2 Likes

Alert if same traffic log entry is repeated N times..

We have had an instance of a third party having an issue with their system that generated repeated traffic over and over 17K 5 times a second, constantly.

 

I can match the traffic in the log fairly easily. 

 

How can I set up an alert for that to go to

...

PAN-OS 9.0 Released - Stop and Think

Today Palo Alto Network officially released PAN-OS 9.0 to the general public. Some of you may have read posts recently regarding features that have leaked out from the beta, and if you have any questions those of us that have been participating with

...

BPry by Cyber Elite
  • 16052 Views
  • 30 replies
  • 7 Likes

VPN

Hi.

How to configure VPN that if peer ip and proxy id(remote address) is same.

When try connect address traffic don not flow over vpn. When i write route vpn gets down.

URAN_725 by L1 Bithead
  • 2619 Views
  • 2 replies
  • 0 Likes

DNS rewrite matching wrong NAT rule

Think this needs a case.  Open to any suggested workarounds.

 

Connecting two overlapping networks with NAT.  (why? we have to)

192.168.1.0  (zone1) --  PA --  (zone2)  192.168.1.0

policy routing in place, come in zone1 interface go out zone2 and vice ve

...

Source and destination based on NAT using DHCP

Hi,

 

I am setting up a PAN device. On ethernet1/1 I have it set up to DHCP. I then will have a computer connected to ethernet1/9. I want to set up both source and destination based NAT. From what I understand in order to do this I would need to create

...

golariu by L1 Bithead
  • 1796 Views
  • 1 replies
  • 0 Likes

Resolved! Change physical port in Active PAssive PA going to ISP

PA is in Active Passive mode.

 

Current uplink connection from active PA going to ISP is 1Gig.

We need to change the uplink port on the active PA that can support 10gig.

 

What is best method to do this without causing least amount of outage?

MP18 by Cyber Elite
  • 4639 Views
  • 12 replies
  • 0 Likes

Need to clear traffic or reset the tunnel to access

We had site to site vpn tunnels and traffic is always stuck and until unless we reset or clear the traffic the access is not working.

 

Any one have experience . The VPN tunnel never go down only the traffic PA to Sonic wall any recommendation on how t

...

NavidAlam by L3 Networker
  • 5176 Views
  • 4 replies
  • 0 Likes

Decryption Broker with Policy Based Forwarding

Hello,

 

I'd like to know if it is possible to use decryption broker with policy based forwarding on the same interface of the policy based forwarding as the scenarios is as the following :

We have a Bluecoat proxy connected to Palo Alto firewall using

...

  • 23584 Posts
  • 107 Subscriptions
Labels