General Topics

Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 193 Views
  • 0 replies
  • 0 Likes

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 875 Views
  • 0 replies
  • 0 Likes

Global Protect with Azure MFA issues

PA3020 PANOS-8.1.7 GP-4.0.7

Using Radius server for auth.

Radius talks to Azure MFA for 2 factor auth.

Having timeout issues.

Sometimes user not getting MFA prompt on the phone.

If the get MFA prompt they will get auth errors.

 

 

Panorama help : How to reset rules hit count

Hello everybody,

 

I have to reset three policies usage in Panorama 8.1 firewall but in this version is not available this option in the GUI.

 

I guess I can do it from the CLI.

 

Can anyboy help me?.

 

Thanks in advance.

carlostg by L1 Bithead
  • 7606 Views
  • 1 replies
  • 0 Likes

Restart is disabled because no ike sa was established

We have IPSEC tunnel to vendor.

Tunnel is up 

Gui shows Phase 1 is red.

I can ping the IP on the tunnel on vendor side  which is Gateway for Vendor LAN.

Unable to ping the LAN IP on vendor side.

 

PA shows traffic is passing but nothing coming back from ve

...

MP18 by Cyber Elite
  • 5104 Views
  • 2 replies
  • 0 Likes

Firewall rules suggestion

Hello

 

I would like to have advices regarding firewall rules. I'm deploying a PA-3220 on my main site (site A). On this main site, I have several zones configured on my PA3220 (user, servers, dmz Intranet,). I have also 5 remote sites.

 

I must create a

...

Resolved! File Blocking rule logic

The following KB article states that the File Blocking rulebase is not top-down but based on action precedence. The article fails to mention anything on the function of the application column with regard to processing logic:

https://knowledgebase.palo

...

Resolved! Allow traffic after "decrypt-error"?

Is there any way to allow traffic after "decrypt-error"? I get a lot of decrypt-errors showing up in the logs when SSL decryption is enabled. Most of it is from amazonaws.com (even though I excluded it from decryption). I would rather just allow the

...

Maxstr by L3 Networker
  • 21834 Views
  • 2 replies
  • 0 Likes

Can rapid fire spam phone calls be blocked by the PA

Can rapid fire spam phone calls be blocked by the PA, they seem to be similar to a dial of service and they are making it possible for us to make outgoing calls or recieve incoming calls by using all our phone sessions? Is there a way to block them u

...

jdprovine by L4 Transporter
  • 9298 Views
  • 10 replies
  • 0 Likes

Resolved! Threat log forwarding from unlicensed PA device?

Hi folks,

I believe I know the answer, but wanting to make sure I understand.  I am configuring log forwarding to a Varonis server for testing.  I've been sending the traffic log, but Varonis will only process the Threat log.  

 

I've configured the Thr

...

pasyslog.jpg
OMatlock by L4 Transporter
  • 3692 Views
  • 3 replies
  • 0 Likes
  • 24009 Posts
  • 115 Subscriptions
Top Solution Authors
Top Liked Posts
Top Liked Authors
Labels