This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Resolved! Sudden issues with address objects in policy rules- behaves as if 0.0.0.0/0 is set

Since about 4 days I am experiencing a critical problem in relation to policy rules with address objects and suspect an update to address/region objects has caused this mess as I am experiencing this issue with: - manually added address objects- predefined country regions- dynamic address groups (based on tags- even if the address group is empty...

Bildschirmfoto 2019-09-24 um 10.51.52.png
Bildschirmfoto 2019-09-24 um 10.52.21.png
pan219 by L2 Linker
  • 7582 Views
  • 3 replies
  • 0 Likes

Resolved! Different Response Page for https and RDP traffic

I have configured MFA with Radius.It is for https and RDP trafficWhen we access http site we get response page to put Radius Credentialsbut when we do RDP connection to server we get different response pageNeed to know how can i make same response page for both http and RDP traffic?Also response page ask for Password how can i change it to show ...

MP18 by Cyber Elite
  • 3851 Views
  • 2 replies
  • 0 Likes

Monitoring Palo Firewalls using System Center Operations Manager

Hey Guys, before I get boo'ed and suggestion of more featured products to monitor palo devices (pano, something or rather dominated googles results) but...our main objective with monitoring our environment, is single pane for monitoring/alerting etc, and SCOM has fit the bill quite nicely. The past 6-12months we've looked at, and started implem...

jondavis by L0 Member
  • 4671 Views
  • 2 replies
  • 0 Likes

Best Practise for Scheduling Dynamic Updates

We want to schedule dyanmic updates , we dont have test environment. we can schedule updates on satellite offices then after 2 days to be installed on hub sites. prb is if new application traffic hits it will be denied by hub as that application would be unknow for hub ? Any recommendation on this scenario.

Resolved! Bringing up all interfaces in ESXI enviroment

Hi, I followed the docs when setting up a Palo Alto in an ESXI environment. I created 9 port groups for the device and connected each interface on the Palo Alto to one of them. When the Palo Alto came up all of the interfaces as not configured. If I set the interfaces to something (say TAP, Layer2, Laywer3 etc.) then they all come back as down e...

golariu by L1 Bithead
  • 3573 Views
  • 2 replies
  • 0 Likes

Import existing config into Panorama woes

We have a handful of standalone PAs that we want to import into Panorama. However in our first interation it failed with the following errors and I am not sure why. The entire process isn't made clear to me either via PA (like a lot of their stuff but I digress) so I was wondering if anyone has done this and can help point me in the right dir...

pan-post.JPG
drewdown by L4 Transporter
  • 6332 Views
  • 2 replies
  • 0 Likes

Resolved! Downloading PAN-DB via Panorama

Hi team, I've had a customer inquire about downloading PAN-DB on their firewalls via the use of their Panorama, problem is I can't find any documentation that would cover this. The use case of this would be for a deployment that is completely offline in terms of the firewalls, and they only have access to Dynamic/Software updates via the Panoram...

Lauchlan by L0 Member
  • 6647 Views
  • 2 replies
  • 0 Likes

How do I test ransamware myself ?

Hello, everyone of the specialistI plan to settings for wannacry in the Pan-OS 8.1I want to check in advance that the settings will workBut I can't have a real wannacry on my PCSo I'm worried about how to prepare a fake wannacryDo you have a good ideaThank you ~~~~japaneseこんにちは、スペシャリストの皆さん私はPan-OS 8.1でwannacryに対する設定をする予定ですその設定が間違いなく動作するかを事前に確認した...

awawa100 by L2 Linker
  • 4338 Views
  • 3 replies
  • 0 Likes

Resolved! Using PA220 as a "switch"

Hey all, i got a question that im not sure how to solve.This is my setup/what i want to do do. I got a L3 internet line on Ethernet1On eth2 i got a CAT2960L with vlans 10 and 20.On eth3 i got a CAT2960L with vlans 10 and 20. I got 2 2802i with mobility express and i want to use one as a WLC and the other to use that WLC.One AP will be in VLAN 10...

holten by L1 Bithead
  • 7497 Views
  • 4 replies
  • 0 Likes

SSL certificate expiring soon

I have a wildcard cert issued by godaddy which I use for inbound decryption on approx 10 dmz servers. it is set to expire soon and we've got a new cert. how can I seamlessly import it and not break the client connections as my server admins servers cannot replace the cert on all of them at same time. Thanks in advance.

Can't commit in Panorama 8.1.4

Trying to add a new firewall into panorama, Im simply adding the serial number to the manageded devices and when I try to commit I get the following: Validation Error:deviceconfig -> system -> panorama-server constraints failed : Panorama server address cannot be the same as own management IP addressdeviceconfig -> system -> panorama...

Captive portal is not working on Chrome browser only

Hi Team In my premise we have more than 200 machines, In all of the machine Captive portal is not working on chrome browser only but its working fine on IE and firefox browser. Its not seems like browser issue. Something related to PA firewall. Please help me to fix the issue. RegardsMohammed Asik

Dynamic DNS and an SSL cert

How can I use dynamic DNS and SSL cert on the outside interface of the palo alto for global protect? I do not have a problem paying for something but I figured there is a way. I do not have a "server" at my home that is always on so I would need the palo alto to update the dynamic dns portion.

Application incomplete or Non Applicable

I have seen this so many times and I am wondering who you deal with it efficiently when making a rule. I see a standard port of like 443 or 8080 but with a rule that has application defined as SSL or web-browsing it doesn't hit the rule due to the application not matching. I have also see port 8080 show as application ssl. So what are the best...

Pa220 problem with random reboot

We are having 2 x PA220 with latest software and they are rebooting when we are using web management. I am fustrated, I opened support ticket (own premium support) and I have two options; to downgrade to 8.1.x or wait 2 months for bug fix (HTTPd process, the one affected by the OOM).

  • 24381 Posts
  • 123 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks