General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 360 Views
  • 0 replies
  • 0 Likes

Decryption policy and SNI

Hi,

I activated a decyption policy but my site is configured with SNI. If I apply the policy, the other site with the same IP is blocked with error SSL_ERROR_NO_CYPEHR_OVERLAP (this in Firefox). Which is the correct configuration with SNI?

s_quasar by L3 Networker
  • 9005 Views
  • 8 replies
  • 0 Likes

Global Protect says it is updating but it isnt

Using Client version 5.0.1-9. I have set the Portal update settings set to Allow Transparently.

I have downloaded 5.0.5 on the portal and activated it. 

Wait 5 min.. connect with GPClient externally. 

After a few minutues I get a popup "GlobalProtect Ag

...

Andrew.C by L0 Member
  • 6035 Views
  • 1 replies
  • 0 Likes

Resolved! GlobalProtect connection problems

GlobalProtect version 3.1.6-19. 

Windows Server 2012 R2 ver 6.3 (Build 9600)

 

Hi there,

We' ve a server in the remote network that we reach with GP, we regularly (mostly hourly) pull data from that server. There is a windows service that we wrote to do

...

Traffic from GP interface

Hi Team,

 

I am seeing some traffic initiated from GP interface to outside using source port udp/4500 to public IPs of clients( GP uses 4501 and I have xauth configured). Are these traffics are because of GP xauth configuration.. anybody has noticed it

...

Convert active/active to active/standby Firewalls

I have active/active scenario PA-220 FW. FW1 has diffident  config than FW2. I want to make FW1 is the active without loosing any data. 

 

Do I need to erase or do factory reset for FW2 before I sync it from FW1 which is the main configuration that I w

...

SSL Decryption in different countries?

Hello All,

 

Starting to deploy 100+ firewalls worldwide. Have configured SSL decryption for General Browsing rule.

A template has been configured in Panorama, so they all have the exact same setup.

North America and Europe locations I tested are OK. Tri

...

Rievax by L2 Linker
  • 3596 Views
  • 4 replies
  • 0 Likes

Resolved! Can alternate usernames be used for Credential Detection?

We are using Multiple Username Formats under Group Mapping and E-mail address as one of the alternate usernames. Output for CLI command show user user-attributes user all displays e-mail address as Alt Username.
We have also User Credential Detection

...

marroz by L1 Bithead
  • 4774 Views
  • 4 replies
  • 0 Likes

Resolved! check now and Invalid image, Failed to download file

i was trying to download GP client 4.6  from GUI and got error 

 

Invalid image, Failed to download file

 

tried few times every time got above error.

 

then i clicked on check  now then it worked.

 

Need to know how i was able to download the global protect

...

MP18 by Cyber Elite
  • 18754 Views
  • 3 replies
  • 2 Likes

Resolved! block all facebook but one page

I know there are multiple discussion threads on how to allow just one FB page but block all other access . I tried every single of them and none worked properly.

I created a url filtering profile allowing just my company page and blocked social media

...

Resolved! Ethernet aggregate group

Hello,

I have been reviewing aggregate Ethernet interface group 

https://docs.paloaltonetworks.com/pan-os/8-0/pan-os-web-interface-help/network/network-interfaces/aggregate-ethernet-ae-interface-group

 

and I see LACP is not enable by default, then I wou

...

Marivi by L2 Linker
  • 7516 Views
  • 5 replies
  • 0 Likes
  • 23834 Posts
  • 112 Subscriptions
Top Liked Authors
Labels