General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

JayGolf_0-1691518400714.jpeg
JayGolf by Community Team Member
  • 917 Views
  • 1 replies
  • 8 Likes

Resolved! blocking netflix application instead of url

currently i am blocking al the urls to netflix.

 

so when user access the website they get message blocked due to  url

 

on cli i see PA has to do some processing in order to block the url .

if i block the application netflix instead of url  that will red

...

MP18 by Cyber Elite
  • 2125 Views
  • 2 replies
  • 0 Likes

Resolved! Planning virtual deployment into cluster

I have a Hyper-V cluster that spans 4 hosts that I want to protect with a pair of PA VMs.

 

My question is do I need a pair of PAs for each host or do I add these two into my existing cluster and make the trusted interface on my existing vswitch and un

...

All hallows eve is on our doorstep, time for some poetry

As it's becoming a yearly tradition, I'm challenging all of you to come up with something funny

 

Last year we did pictures, this year we're going to have a go at Haikus!

We'll be selecting a (or more ?!?!) winner(s) who will not only receive eternal

...

jack-o-lantern-badge-18[2].png
reaper by Cyber Elite
  • 1543 Views
  • 1 replies
  • 4 Likes

Resolved! HA for interface pair as a DHCP client

I have a pair of VM-50 as an HA pair. When the primary firewall fails the IP is moved to the new active node but the MAC address changes and the ISP cable modem most likely does not accept this. The only resolution is to release and renew the DHCP ad

...

aarato by L1 Bithead
  • 2868 Views
  • 3 replies
  • 0 Likes

syn without window-scale option

Hi community, 

i am trying to access a website from LAN side of palo alto, even though correct policy is configured, tcp handshake was not complete. after packet capture i am able to find below points

  •  client sending syn packet
  • but i am not able to get
...

Passive node strange behaviour matching rules

Hi,

 

We have a cluster in PanOS 8.1.2. Suddenly we were reported that several users didnt work properly. We went to the active node and saw this:

 

In order to solve quickly we decide to do a failover. After that i worked properly.

 

So we would like to k

...

rule.jpg
setrule.jpg
BigPalo by L4 Transporter
  • 1269 Views
  • 2 replies
  • 0 Likes

Global Protect not working after upgrade

Hi

 

I have upgraded my passive palo alto firewall to 7.1.20 post which global protect portal is not working.

 

I'm seeing SSL session cache request comming in from external source. But the webpage page cannot load after adding the exception.

 

Same works

...

Home internet acccess with 1gb but...

Hello,

 

Looking for suggestions and recommendation,  just got an offer from the ISP to upgrade the Internet speed to 1Gig down and 10Mbps up for a very good price.  Except I have a PA220, the spec is good for 500Mbps with AppID and 150Mbps with threat

...

Destination mac

I was having issues with DHCP being blocked, so I can a packet capture from the PA to see if I could tell was was blocking the DHCP traffic and if it could possbile be the PA. It shows the mac address of the interface on the PA as the source and then

...

jdprovine by L4 Transporter
  • 5049 Views
  • 20 replies
  • 0 Likes

Global protect with loopback ip address and port number

Hello all

We have one public IP address and two groups of users who must connect to Head Office but get different policies

We decide to use loopback ip address and NAT it to the public one but with different port (for example loopback ip 1.1.1.1 and pu

...

Radmin_85 by L4 Transporter
  • 3878 Views
  • 8 replies
  • 0 Likes
Top Solution Authors
Top Liked Authors