General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 404 Views
  • 0 replies
  • 2 Likes

GlobalProtect Windows client - command line interface?

We're using the GlobalProtect Windows client application to connect to a customer’s VPN.

 

We’d like to automate this process, as right now our  only way to connect is to click on the tray icon ‘Connect’ option.

 

Is it posible to automate (e.g. via comm

...

Resolved! VPN IPSec gcm or cbc cypher types

When configuring VPN to a 3rd party vendor and you are given the required settings for IPsec profile as sha1 or sha256 only, however on the Palo Alto firewall we have the option to use cbc or gcm, e.g. aes-256-cbc and aes-256-gcm.

In the past I used t

...

BatD by L4 Transporter
  • 14068 Views
  • 6 replies
  • 0 Likes

DNS proxy rule

I have a DMZ zone for guest wireless users on Palo Alto. They use our internal server 192.168.10.10 for DNS. I am trying to configure the firewall to force them use 8.8.8.8 for a specific domain eg:*.amazon.com
Please let me know if configuring a DNS

...

Resolved! Packet Capture Filters via CLI using debug commands

I am trying to capture traffic between a specific source on the internal network to any destination on any zone.  I totally understand how to enable captures and turn it on & off but my capture seems to be colleting data but not anything that I can r

...

Resolved! Global Protect User cant login to the portal

User can login to GlobalProtect Portal normally. However, clicking a link to download the GlobalProtect client fails with the following error: "Could not find file".

 

Note: Global Protect agent has already installed and activated on peers

Problem with Panorama commit

Hello there!


I have a problem when I try to push the commit to Panorama. This commit is added to the queue, but then nothing else happens. The odd thing is that nothing is queued in the firewall queue...


Thanks in advance.

VPN-NAT question

I have 10.240.0.0/12 in the Proxy ID and would like to NAT all my 192.168.x.x addresses behind  10.248.250.10 out of that 10.240/12.
my plan is to create the NAT rule and assign that 10.248.250.10 to the VPN tunnel Interface. will this create a route

...

Troubleshooting User-ID from syslog listener

I've configured my 5050's to be Syslog Listeners for a couple sources so that I can parse User-ID information out of them.  I did so following this document here. I can see via the command

 

show user server-monitor state XXX

 

that I am receiving log me

...

  • 23694 Posts
  • 109 Subscriptions
Top Solution Authors
Labels