This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4229 Views
  • 0 replies
  • 0 Likes

SSL Decryption severe throughput impact

Hi EDIT2: Please see follow up post belowEDIT: One open ticket is being investigated by TAC escalation as a possible known issue. I will update again as I know more. In the last month 3 different customers came to me with the same issue - when SSL Decryption is enabled their HTTPS throughput/bandwidth decreases noticeably, one customer said it d...

ShaiW by L4 Transporter
  • 6834 Views
  • 2 replies
  • 0 Likes

GLobalProtect Portal not found

I can get to the GlobalProtect portal on the PA firewall from outside and login and download GlobalProtect client. However, after installing the client and try to connect, it says "Portal not found" Any ideas? Client is joined to domain, it did not ask for credential when trying to connectSSL CA and Gateway is self signed on PA and Root CA and ...

Resolved! Policy-Based Forwarding with dual ISP's

Hi ALL, We are planning to build active passive PA with 2 ISP's and want to send S2S VPN traffic through ISP1 and Internet traffic through ISP 2. We are running static routing for both the ISP.Can someone suggest how to configure PBR in PA.

PALO_ALTO.JPG
Yusuf_PA by L1 Bithead
  • 9110 Views
  • 6 replies
  • 0 Likes

downtime for migration from MPLS to VPN with BGP with bgp routing

Hello community! I have currently two sites connected through MPLS and I plan to configure a VPN with bgp routing to migrate traffic. I am calculating the downtime that may require the migration from MPLS with static routing to the VPN with bgp routing. I´m considering the following:- Routes learned from IBGP has default AD = 200 and static rout...

Carracido by L4 Transporter
  • 2666 Views
  • 1 replies
  • 0 Likes

Resolved! Minemeld. Add a single IP via Api

Hello. I am absolutiely locked trying to send a single IP to minemeld (as an indicator) from a script. Some help or tips will be very appreciated: I want to add a single IP via API to Minemeld I figure out (I haven't found documentation) I need a miner to receive it. So I have created a Miner: - Miner Name: LISTENER_IPV4 - Class: minemeld.f...

Email Notification Alerts for VPN connections.

Team, We have started WFH facility for all of our users.We have deployed GP portal and client to connect corporate network.As per security requirements,We would like to receive the email notifications when the user connected to vpn client. Can any one help if you have the same setup and share the details of how to implement this on PA 3260's. Th...

Can't find the correct XML API path for excluding network ranges from GlobalProtect gateways

I'm having some troubles locating the correct XML API path in order to add/remove network ranges in a Global Protect gateway through a Panorama template. Any advice on what is the best way to locate tricky paths like this one? So far no issues with all other API operations, but this one I can't find it by using the https://panorama/api navigatio...

PANGW.png
MarcelST by L3 Networker
  • 4792 Views
  • 3 replies
  • 0 Likes

Resolved! Many-to-one NAT on same port /app?

I have 4 public IP addresses that are needed to NAT to a one single private IP server in DMZ. They all listen on same port and same application. Anyway I can get this done without greatly impacting users? Thanks.

Trying to find a method to prevent GlobalProtect logs from forwarding to our SIEM.

I am trying to find the correct configuration to prevent or exclude globalprotect logs from forwarding to our SIEM. I have filtered the type of event "globalprotect" but dont seem to be able to configure this as a filter in my log forwarding on my appliance. The above log entry is from "System" but this is not listed as a log type to choose fro...

Graeme_Riddell_0-1584547476761.png

Resolved! GP- AD auth and SMS through ext radius

Hi all , Has anyone accomplished to authenticate external users 1st with AD through LDAP profile and then SMS through radius to another server ? I guess 1st authentication will done in the portal and SMS auth profile can be added on the gateway ?

Resolved! Custom URL category not matching in security policy

On my PA 9.1.0 firewall, Ive created a custom URL category 'Akamai' with a url list comprising *.deploy.static.akamaitechnologies.comIn my security policy i have a rule allowing any source (trust zone) to reach any destination (untrust zone) via any protocol and any application. The rule specifies 'Akamai' under the Services/URL category. log an...

PA-200 with 4G LTE modem

I've got a PA-200 at home with a Huawei B525-23a router set to "bridge mode" with an EE data sim installed (no broadband where I live) The outside interface is set to DHCP and gets an IP address but no clients on the inside can resolve DNS. I can see the logs showing that DNS requests have 'aged-out' but think that's expected for UDP DNS queries...

Pcap VPN SSL

Hi, Is there any way to take a pcap in plain text about a VPN-SSL connection?

BigPalo by L4 Transporter
  • 3276 Views
  • 3 replies
  • 0 Likes

Total internet Bandwidth

I went to see total internet bandwidth. I have already apply QOS. But I went to see on 3rd party tool. Suggest how can i achieve this requirement.

Connection error 10022

Have yet to see an answer to the 10022 error message. Here is my log. Can anyone help. I have contacted support staff at UW Madison and they sent something to paloalto. I thought I might get a quick response from this group. I may be working from home soon. (T8800) 03/14/20 22:19:52:716 Info ( 246): InitWinConnection ...(T8800) 03/14/20 22:19:5...

  • 24355 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks