General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! Multiple vpns to the same peer

Hi,

 

We have a requirement where-in we need to configure 2 vpn tunnels to the same remote peer.

Also the remote end local ip address ranges are the same. Below is a quick explanation

 

Tunnel 1

MyPeerPublicIp = 1.1.1.1

RemotePeerPublicIp = 2.2.2.2

MylocalSu

...

adil.bgz by L1 Bithead
  • 18535 Views
  • 7 replies
  • 0 Likes

Resolved! how long phase 1 will show as red in web gui?

We have ipsec tunnel to vendor.

 

web gui shows phase 1 as down and phase 2 as up.

i can ping across the vendor network.

traffic is passing via tunnel

 

show vpn flow shows  active.

 

need to know how long web gui will show phase 1 is red?

when web gui will s

...

MP18 by Cyber Elite
  • 2410 Views
  • 2 replies
  • 0 Likes

PA 5220 vsys HA Support

Hi,

 

we have a pair of PA 5220 appliances currently running only the default vsys (vsys 0) in an HA (Active / Active) Setup.

 

We would like to add additional vsys instances and also have each of the new instances running in a HA A/A Setup.

 

Would the HS

...

CarloMun by L0 Member
  • 3724 Views
  • 3 replies
  • 0 Likes

Problems installing on Ubuntu 16.04

I am trying to follow the directions found here:

https://live.paloaltonetworks.com/t5/MineMeld-Articles/Manually-install-MineMeld-on-Ubuntu-Server-16-04/ta-p/253336

I get to this step

  1. Adding the repo GPG key

Add the MineMeld repo GPG key to the APT t

...

Capture.PNG
Mattk by L2 Linker
  • 4702 Views
  • 3 replies
  • 1 Likes

Packet Buffer OID VM-Series

Hi,

 

Anyone know what is the OID used in the VM-Series to extract the packet buffer (hardware/software) values?

 

In the MIB of  Palo Alto Products I only find this one, but I don´t know what it exactly extracts:

 

PA-VM: 1.3.6.1.4.1.25461.2.3.29

 

Any idea

...

Resolved! unable to download or view the pa-500 specs sheet

i know this sounds like a silly question but I need to get the specs on our pa-500 firewalls. When I go to this page, https://www.paloaltonetworks.com/resources/datasheets/pa-500-specsheet nothing happens when I click the download button. Either the

...

youngi by L0 Member
  • 2844 Views
  • 2 replies
  • 0 Likes

Resolved! BGP Routing Question

Hi All,

 

I have BGP routing advertising from the Palo with eBGP advertising internally and externally for 4 vSYSs.

 

How do I advertise a particular vSYS with public IP a.a.a.a to advertise it as a route for public IP b.b.b.b/27.

 

Regards

 

Adrian

a.jones by L3 Networker
  • 4528 Views
  • 2 replies
  • 0 Likes

Subscription signatures off-line updates

Good afternoon, colleagues, I have three subscriptions: url filtering, threat prevention and wf500 signatures. How to update them off-line and is it possible to distribute these updates for the firewall and wf through Panorama?

ColaNet by L1 Bithead
  • 3803 Views
  • 3 replies
  • 0 Likes

Resolved! Run 'script' from CLI

Hi,

I wonder if it is possible to create a run a user defined script from our VM-100's CLI.

 

The script should switch Policies / Authentication / <my CP profile> to 'web-form'

 

- and do 'clear session all filter from ClassNet '

 

If this is possible how d

...

Resolved! Captive Portal and computers in hibernation

Hi,

We use VM-100 at a high school and frequently we switch on captive portal to impose access restrictions for certain classes.  We use AD group names in policies to target users.

 

However, despite enabling CP it appears that quite a few students who

...

NAT to VLAN Interface

I would like to NAT to a VLAN virtual Interface that has two physical ports attached to the same VLAN.  I am assuming this should be easy but am not finding alot of documentation.  Basically I want to create a vlan interface, assign an IP to it and t

...

DoDo1975 by L0 Member
  • 2337 Views
  • 1 replies
  • 0 Likes

Microsoft VPN client used to GP VPN

Hi Team

 

Customer want to know whether Microsoft VPN client can be used to  connect Global Protect VPN. This will eliminate GP agent installation in User’s machine.

 

Regards

Mohammed Asik

Content Image Uploaded. Failed to Install Image

I have a PA500 that has been offline for some time with Content version 695-4002. Am trying to reinstate it and upgrade with latest Content and Application but continually get failures.

The device is still under support and we managed to update it to

...

Security Based EDLs

I am trying out a PoC for Palo for a specific threat purpose.  The box came with some EDLs that I didn't expect and figured I'd share here.  They seem to cover a wide range of threats that would be really benefical for others to have deployed.

 

 

I'd j

...

EDLs.PNG
  • 23588 Posts
  • 103 Subscriptions
Top Solution Authors
Top Liked Authors
Labels