General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 244 Views
  • 0 replies
  • 0 Likes

Global Protect Agent GW Login Lifetime

We are having an issue where our internal GP agent is authenticating to both of our internal gateways normally, but after the period set for "Login Lifetime" - the firewall is clearing the IP to username mapping, even though the GP agent still shows

...

Sec101 by L4 Transporter
  • 11848 Views
  • 2 replies
  • 0 Likes

how to distribute one internet line to multiple services

in my current scenario, I have 4 interfaces configured with different Public IP address and each interface linked to the different router and each interface have different services (Internet Email1, Email2, VPN)

 

 

Our Plan to get a new line from a new

...

MFayez by L2 Linker
  • 4880 Views
  • 11 replies
  • 0 Likes

Resolved! Recommended PanOS in 8.0.x

HI, we are hitting a critical bug in our PA5020 about memory leak. Current version is 8.0.8. So we are planning to upgrade. What PanOS version do you recommend us? more "stable"?

BigPalo by L4 Transporter
  • 4396 Views
  • 4 replies
  • 0 Likes

SMTP Inbound Decryption

I am trying to setup inbound decryption for SMTP (TLS) using the default Decryption Profile.

What destination IP address do I use in the Decryption Policy: public pre-NAT or private post-NAT?

 

Regards,

Han.

 

Han.Valk by L2 Linker
  • 2783 Views
  • 2 replies
  • 0 Likes

Interface shutting down

I have a VM-100 running 8.0.12.  I inherated this configuration from the previous network engineer.  I am quite new to PAN-OS and have found that an interface that faces the Internet is shutting down.  

I can cycle the port in the GUI, and able to pin

...

2 ISP, 1 production & 1 Guest

Question for the community.

I have a site with 2 ISP, 1 circuit is a crappy 10mb circuit I want to use for just guest wireless.

 

Is it possible to run 2 ISP on a PA220 and keep the NAT and security seperate? 

 

dualisp.png

HA2 goes down when Enabling Session Synchronization

Hello Palo Alto Community,

I'm deploying a HA Pair of Palo Alto VM Serie (hosted on my infrastructure) and I'm being blocked by a situation I don't understand.

  • HA1 is UP and the two member can see each other. I'm using the management interface as HA1 i
...

Resolved! OSPF in a Active/Passive Firewall setup

Hi,


I have a lab with a active/passive Palo Alto firewall setup. I have had a look at the Palo Guide for setting up OSPF at:

 

https://knowledgebase.paloaltonetworks.com/servlet/fileField?entityId=ka10g000000D8HwAAK&field=Attachment_1__Body__s

 

From this

...

vvadia by L1 Bithead
  • 7245 Views
  • 2 replies
  • 0 Likes

URL Identification

Hi

 

i have a question about URL Identification.

 

i use url object in security policy and no use ssl decryption

 

if no SNI is present and there is no CN enrty,

 

how can identify URL?

 

thanks.

hbshin by L2 Linker
  • 4995 Views
  • 3 replies
  • 0 Likes

What is "cdt_token" process?

Hi there,

 

Quick question. I'm currently troubleshooting a PA 3020 in version 8.0.12 for one of my customer. Its PA has huge DP CPU usage (arround 80%). I try to figure out the reason of this usage.

I've isolated the "ctd_token" process which is a big

...

epavis by L1 Bithead
  • 5668 Views
  • 6 replies
  • 0 Likes

DNS license and PAN OS 9.0

 

During Ignite we were told that DNS is coming as license service in PAN OS9.0.

Need to know is this service different from dns sinkhole?

 

IF it is how it is ?

MP18 by Cyber Elite
  • 2824 Views
  • 3 replies
  • 0 Likes
  • 23627 Posts
  • 107 Subscriptions
Labels