Enhanced Security Measures in Place:   To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.

General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
jforsythe by Community Team Member
  • 27 Views
  • 0 replies
  • 0 Likes

9.0.3 -h3 - Possible bug?

Hi, 

 

anyone had issues after updating to this version? 

 

We had strange behaviour accessing some websites stating that 'File Transfer Blocked' there was nothing showing in the logs. 

 

We rolled back to 9.0.3 and problem went away. Possible bug ?

 

D.

BizBo by L2 Linker
  • 2683 Views
  • 2 replies
  • 0 Likes

Global Protect external IP address - Best practice?

Hello, 

 

We are a moderately-sized customer without an assigned sales or engineering resource due to account transitions.

 

We are in the process of moving to a new ISP and it has been suggested by internal resources, for other reasons, to utilize the s

...

Resolved! False positive threat

Hello,

 

PA-3020 is falsely identifying some adobe-creative-cloud-base traffic as being a threat.  I can't add an exception for this as the log view does not contain a threat ID as it normally would for a threat.  All of my dynamic updates are up to da

...

1.jpg
2.jpg

Resolved! debug dataplane for vwire and flow

if we have PA in vwire mode for troubleshooting purposes we can do pcap

Also we can do 

debug dataplane packet-diag set log feature flow basic

Other then this can we use any other flow for vwire troubleshooting?

MP18 by Cyber Elite
  • 3438 Views
  • 4 replies
  • 0 Likes

Cisco ASA multi Context migration

I am migrating a configuration over from a Cisco ASA that uses multiple contexts and have several questions about how to replicate that in a PA.

 

1. The ASA's use port-channel groups and for the internal and external those are shared. On the inside in

...

aporue by L3 Networker
  • 5283 Views
  • 3 replies
  • 0 Likes

Resolved! DNS security and cloud lookup

 

With PAN OS 9.0 Does PA do cloud clookup for everydomain 

or 

 

only for domains which are not in DNS sinkhole of Antispyware profile?

 

I was told DNS security is a  part of PAN DB  so when clouds verdict is that particular domain is  bad hows does this

...

MP18 by Cyber Elite
  • 4452 Views
  • 4 replies
  • 0 Likes

Resolved! commit error

today i got commit error 

 

Client websrvr requesting last config in the middle of a commit/validate. Aborting current commit/validate.

 

Commit failed

 

 

 

Fix was i just need to run the commit again.

Need to know why this commit error occured?

MP18 by Cyber Elite
  • 7477 Views
  • 2 replies
  • 0 Likes

Setting All traffic of a specifif URL to the primary ISP

Hi Everyone!

 

How will I set all traffic from https://www.siteground.com/  to my primary ISP? Because Currently we have two isp and running in a balanced round robin. The issue is whenever we go to the website it shows an error  "Due to ip changed ins

...

AVITUTS by L0 Member
  • 2704 Views
  • 3 replies
  • 0 Likes

PBF state is dicard

I have 2 internal test IPs, 172.16.16.2 and 172.16.16.3. These 2 IPs are respectively PBF, which implements different paths. And these two IPs have done two-way NAT. Map them to a public network address. 
The problem that arises now is that 172.16.16.

...

pbf-rule.png
pbf-config.png

How to make PA side as intiator for VPN with Azure

We want to make Palo Alto side as intiator for VPN with Azure .

 

Currently we have IKE settings as aes256,3des , sha1 sha256 and group 2 .

with lifetime less that azure standard 28800

 

still we are seeing PA acting as responder.

 

Basically issue is with

...

Resolved! minemeld-web FATAL, CENTOS Latest Dev Edition

I performed a recent git pull and performed the standard upgrade due to we were having issues on the edition we were on. However the minemeld-web will not load. I tried the revert back to pip 9.0.3 command for others having the with no luck.

When tryi

...

WilliamT by L0 Member
  • 4570 Views
  • 2 replies
  • 0 Likes
  • 23584 Posts
  • 107 Subscriptions
Labels