General Topics
Showing results for 
Search instead for 
Did you mean: 
General Topics

Forum Posts

Happening in June: The Complete Zero Trust Network Security Event

Greetings everyone, Don't miss Palo Alto Networks' Complete Zero Trust Network Security event coming up in June. This event will cover the following points related to the newly unveiled Zero Trust Network Security: Secure access to the right applicat...

jdelio by Community Team Member
  • 1 replies

Resolved! GlobalProtect, Working from Home, Prisma Access and Covid-19

To all, Just wanted to post a message about the Hot Topic right now, which is Covid-19. With all of this going around, everybody's health and safely is the utmost concern. Keeping your hands clean, washing your hands (A LOT), using hand sanitizers, a...

jdelio by Community Team Member
  • 41 replies

DNS Sinkhole Intended Destination

I've configured a DNS sinkhole in our PAN firewall, and it's helped our department identify machines that are trying to reach out to malicious domains and such. Is it possible to identify the original, intended, destination that the user was attempti...

Traps Host Information

Hi, Are there any plans to include IP addresses in the logs emitted from the Traps ESM server? Currently only the system hostname appear to be in the logs, per documenation. IP addresses could be useful for querying against flow, pcaps, etc. Thanks!J...

Resolved! Dynamic IP ISP NAT

I'm trying to figure out how to NAT a single server and port to my external IP address if the outside interface from the ISP is dynamic. How do I translate it if I don't have a destination address?

application not working.

I had a customer connecting to an application from trust to untrust. It was working and then suddenly stopped working.I could see in the logs it was coming as port 443 and application -incomplete and then next day it started working with port 443 and...

MIB Value for Zone count

Hey all, I've been digging around and just can't seem to find the answer to this so I'll ask here. I'd like know if there is an OID MIB value to the number of Zones currently configured on any particular firewall. I've browsed/search this OID: 1.3.6....

steveo by L3 Networker
  • 0 replies

about mtu

Hello all, There is a problem with a smb traffic(very very slow)For the related source and dest. ip address 2 filter is configured and show counter output has : flow_fwd_mtu_exceeded 9 3 info flow forward Packets lengths exceeded MTUflow_ipfrag_frag ...

PanIst by L3 Networker
  • 1 replies

Log Card Interface Issues

We have configured a log card interface on one of our 7050 devices for submission to wildfire. This is not working. Our testing shows we cannot ping the default gateway conifgured on the interface. If we ping from the router, then no response is reci...

Resolved! Domain names in Security Policy

Does anyone know if it's possible to use a domain in a security policy? I know that I can use FQDN but what happens if I need to allow a wider range, such as * Can this be done or am I out of luck?

BPry by Cyber Elite
  • 4 replies

GlobalProtect - Client Certificates Deployment

Greetings, I have used the following article to distribute client certificates for GlobalProtect: My understanding is that with ...

Creid by L0 Member
  • 2 replies

Resolved! Issue With GlobalProtect VPN

Hi, Can someone please point me at the right direction? 2 PA-500 devices are in active-passive configuration. When connected via global connect, getting IP address in the correct range but cannot reach any internal address and trace route does not pr...

Farzana by L4 Transporter
  • 9 replies

Static Routes not Working

I have a network with in my network that I am trying to control access with user-id in the palo alto. Before I can do this I need to get routing working. The routing works just fine up to the palo alto in my test environment. Each interface can talk ...

trees by L1 Bithead
  • 4 replies

Resolved! PAN OS 7.0.9 Issues???

I updated my 4 HA Pairs this wekend to 7.0.9 because we were running into an issue with Ldap periodically corrupting and locking users out of the GP portal. Anyone else on this release. any issues?

Resolved! VM-300 Steps validation

Can some please these are the initial steps for setting up VM-300 in NSX? 1) Register auth codes for VM's2) Download the base-image on he VM that will host VM-300 firewall3) When download of sofware is complete I should UUID an dCPUUID4) After base c...