General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

500 INTERNAL SERVER ERROR

Getting "500 INTERNAL SERVER ERROR" while doing preview config/commit using GUI in panorama .

 

Any suggestions .  

 

Thanks ,

deepak12 by L3 Networker
  • 6634 Views
  • 2 replies
  • 0 Likes

Resolved! Queries on GP and PANOS

Hello,

 

1. We have installed GlobalProtect64-5.0.1. However after updating the client when I connected via VPN, it asked me to downgrade the client. Why is it so? Do we need to downgrade?

 

2. Can you suggest us which version of firmware will go with Gl

...

Resolved! GlobalProtect 5.0.2 Issues?

Anyone experiencing any issues with GP 5.0.2?  

 

I started an upgrade this week. So far so good, but a few users experienced an odd issue during the upgrade.  You'd click download, then when you click install, their screen went completely black.  The

...

MikeC by L3 Networker
  • 4157 Views
  • 4 replies
  • 0 Likes

IP to local address object/hostname resolution.

Prior to an upgrade Panorama was able to resolve an IP address to the host/object name of a local address object.
For some reason, the resolution has stopped working and support seems to not know what I am referring to but yet it is discussed here 


htt

...

rkoenig by L3 Networker
  • 4315 Views
  • 2 replies
  • 0 Likes

Python Script

From Pan-OS 8.0 - 8.1.6, there is a bug when using FQDN's in rule sets.  Until we're ready to upgrade, I need to run a script to force a FQDN refresh, cli is "request system fqdn refresh force yes".  I'm really new to Python, but have created my API

...

NAT Only works part of the time

Ok, Who knows what's going here...Here is my Scenario..

 

We're looking at a new Phone Platform and I'm only able to get a NAT to work part of the time.  First, when the IP Phone loads, internal address of 172.23.1.1, It connects out to the Platform IP

...

SSH connection drops randomly

An SSH connection to a particular server drops randomly (usually 20-60 seconds after login). Between the client and the server is a Palo Alto firewall with SSH decryption disabled.

What I tried so far

 - regenerated ssh keys on the server
 - added to se

...

PA-5220 Decryption Performance Degradation

We have a cluster of PA-5220 firewalls with SSL decryption activated. When initiating a communication across the firewall using a decrypted protocol (scp, HTTPs, etc.) we get 5x slower connections compared to the unencrypted versions of the procotol.

...

Resolved! IP Sec VPN Paloalto - Mikrotik

Hi!

 

I have a situation that is doing my head in, and I need some help.

 

I have an installation which looks like this

 

"A" end - Palo Alto Active/Passive cluster, public IP for IPSec VPN termination

"B" end - Mikrotik public IP for IPSec VPN termination

 

...

remote vpn on iphone and android config?

i successfully configured remote vpn client for windows to function but the customer is asking for vpn using mobile phones? would it work with the exist configuration? or does it need other kind of configuration? does the mobile phone pull the client

...

chuckles by L2 Linker
  • 4279 Views
  • 4 replies
  • 0 Likes

SSL Expired Cert and SSL decryption

 

We have vendor site which we access.

Recently their SSL cert expired and when I try to access that website chrome shows cert is invalid and still in brower it shows

it is decrypting the website and i can see the PA cert there.

 

Traffic log shows isessi

...

MP18 by Cyber Elite
  • 10797 Views
  • 11 replies
  • 0 Likes

Dynamic External Lists for Hostnames

Trying to figure out the best way to accomplish a task. 

  1. We have a "Suspicious" rule on our firewall that should be where we place hostnames for users that are observed to have questionable traffic.
  2. This will be a dynamic list that will be updated by a
...

  • 24185 Posts
  • 101 Subscriptions
This widget could not be displayed.
Top Solution Authors
Top Liked Authors
Labels