General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! No deny or drop traffic appear on Panorama

Hi All,

 

We recently add palo alto firewall to the customer as 2nd layer firewall - 2PA820 and 1 Hyper-V panorama.

 

Panorama is in panorama mode and we use it for log collector and management the firewall. 

Now, we have a weird issue that in panorama, w

...

Resolved! DHCP Server and DHCP Relay

2 interfaces with DHCP server configure (interface ip 172.16.13.1) Scope 192.168.12.2-254 and (interface ip 172.16.33.1) scope 192.168.32.2-254
2 interfaces with DHCP relay to 172.16.13.1 and 172.16.33.1
all the interfaces are on the Palo Alto firewall

...

Yevgeni by L1 Bithead
  • 5921 Views
  • 3 replies
  • 0 Likes

Wildfire submission log

I don't understand wildfire work.

I have this example that Firewall had wildfire-virus signature but was created wildfire submission log before wildfire-virus identification

why?

 

wildfire log.png
hbshin by L2 Linker
  • 4441 Views
  • 4 replies
  • 0 Likes

Packet capture

We have an issue with SIP sessions randomly hang on the firewall. We are trying to do packet capture on the Palo alto firewall. Since the issue is random, so we need to leave the packet capture on until it happens next time.

 

It seems the firewall aut

...

PA-5220 HA Configuration

Please can someone shed some light on the following issues which we are facing for PA-5220 HA Configuration:

  1. We can see port lights on HSCI port but not on HA-1/HA-2 ports even when they are connected,. Should they be enabled somewhere because in GUI
...

Connection between two DMZ zone with MPLS

Hello,

We have a server on the DMZ zone and another server in the other DMZ site.

We need to allow traffics between the two DMZ zones with the MPLS connection.

I don’t know how can I put this configuration on my PA firewall or maybe I should contact my

...

ra7oub4 by L2 Linker
  • 2352 Views
  • 1 replies
  • 0 Likes

How to disable SSH weak algorithm supported

We used Nessus to run security scan on the PA-5220 we are trying out and it came back with the following medium vulnerability:

https://www.tenable.com/plugins/nessus/90317

The remote SSH server is configured to allow weak encryption algorithms or no al

...

cnarvasa by L0 Member
  • 56845 Views
  • 5 replies
  • 0 Likes

Resolved! tcp/dynamic port range

I'm looking for a definitive answer on what port range "tcp/dynamic" and "udp/dynamic" uses. I would figure that it is 49152-65535, but I have not been able to locate anything in documentation or the community to confirm this. 

HA1 encryption issues?

Hi

 

Random question but has anyone had any issues when enabling HA1 encryption?

 

I performed a BPA yesterday and noticed that we do not have HA1 encryption enabled. I looked into it and seemed like a very simple/quick win to do and after following step

...

CRDF18 by L2 Linker
  • 2996 Views
  • 2 replies
  • 0 Likes
  • 24197 Posts
  • 100 Subscriptions
Top Liked Authors
Labels