General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 240 Views
  • 0 replies
  • 0 Likes

certificate management with PA

Hi

 

Seems like the certificate renew strips all the SAN/Sub Alt stuff.

 

This is basic cert management .... 

 

So why this is a pain - bad ..

 

I have my GP portal cert generated by my PA. it was created with a SAN.

 

if I renew it, the SAN gets striped and g

...

Add LDAP *GROUP* as Administrator

All -

 

So, I know how to add individual LDAP users as local appliance / Panorama administrators.  What I'm wondering is, is it possible to add an LDAP group as an administrator, instead of enumerating each user individually?  So, instead of manually e

...

Resolved! Why PA is Responder for Phase 1 and Initiator for Phase 2

 

Seems Phase 2 is down and system log shows below logs again and again

 

and ( description contains 'IKE phase-2 negotiation is failed as initiator, quick mode. Failed SA: 198.160.x.x[500]-173.182.x.x[500] message id:0xF55F380F. Due to negotiation time

...

MP18 by Cyber Elite
  • 5210 Views
  • 4 replies
  • 0 Likes

giving the outside interface multiple ip?

im facing issue where a firewall with a outside interface is not receiving public ip adresses from the isp router , the isp router is showing it is own interface which is connected to the firewall as the arp destination for the public ip subnet inste

...

chuckles by L2 Linker
  • 3812 Views
  • 7 replies
  • 0 Likes

Captive portal to redirect to intranet site

Trying to set it so when users open their web browser and no matter what they go they are redirected to an intranet site for the first web request of the day. Same thing as a captive portal at a hotel, coffee shop, etc. Want it to redirect to http://

...

Resolved! Custom URL Category

I have a test url category with only one url. i have applied this url category to a test policy, not using a profile but directly in the policy under "service/url category".

 

when i browse to the site it uses the correct policy to allow the request...

...

Mick_Ball by L7 Applicator
  • 6005 Views
  • 9 replies
  • 0 Likes

How do I make a feature request for GlobalProtect?

I'd love it if the last Gateway I used was the default on my list instead of Best Available.  Or if this was an option that I can turn on.  

If I am on a different network, perhaps it makes sense to default to Best Available, but it never picks the be

...

calasyr by L1 Bithead
  • 5750 Views
  • 12 replies
  • 0 Likes

Resolved! New minemeld deploy unable to login to GUI

Used OVA to deploy it on ESXi.  Default admin/minemeld did not work after deployment and NO changes.  Gives the message "ERROR CHECKING CREDENTIALS: Bad Gateway"

 

Logged in via CLI and ran the following:

ubuntu@minemeld:~$ sudo htpasswd /opt/minemel...

drewdown by L4 Transporter
  • 28807 Views
  • 13 replies
  • 1 Likes

Resolved! How to install & upgrade Firewall new on client side

We had ordered the firewall and it's been delivered to client Now we want to configure and upgrade without distrubtring the current network what is the best way to do this or we had to bring it our side to configure and send back?

 

Any document or cli

...

NavidAlam by L3 Networker
  • 5292 Views
  • 8 replies
  • 0 Likes

Screenconnect App

Hi to all, this is Marco. I just update my 850 from PanOs 8.0.15 to 8.1.7.

Now i can find in the APP list screenconnect.

When i try to create a rule using screenconnect, the firewall tell me unknow-app.

Keeping in mind that the destination addresses of

...

  • 23624 Posts
  • 107 Subscriptions
Labels