General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 419 Views
  • 0 replies
  • 2 Likes

Acitve Passive with different Uplink IP address.

 

We have two firerwalls at different locations conencted to different vendors via different ISP.

 

I it possible to have uplink to vendor with same ISP but different IP address in active and passive setup?

MP18 by Cyber Elite
  • 3907 Views
  • 9 replies
  • 0 Likes

Integrate a DMZ with virtual F5 to the PA FW

I would like to add a virtual F5 as a proxy to our exsiting 5220 PA FW. As I have never done a DMZ to a virtual device, I am jsut wondering there a sample scenario or configuration. 

If my F5 was a physical device, I will just assign an IP address to

...

Capture.JPG
jac101 by L2 Linker
  • 6303 Views
  • 8 replies
  • 0 Likes

XML User ID

One of our engineer setup XML to pull the user id and ipaddr mapping, which works with no problem. The problem is he left the organisation and we are not able to determine the source from where the input is coming into the firewall. The log on the PA

...

Policy rules based on hostname or windows hostname

Hi

 

I can create a policy based around the username, what about linking to a hostname . windows hostname - verify in MS AD.

 

I have a management VM, I would like to move, but it has some policied based around location - specific network. It would be ni

...

unknown-tcp for Exchange 2016 when decrypted

Hi,

 

I'm doing decryption for Exchange 2013 OWA web part and it was doing good - was seeing mostly applications like ms-exchange, activesync, outlook-web which makes sense.

Customer upgraded their infrastructure to Exchange 2016 and after trying to dec

...

nikoo by L3 Networker
  • 2456 Views
  • 2 replies
  • 0 Likes

Configuring ldap for mgmt.

I have customer firewall running 8.0.x . I have AD configured for customer using service route going into trust zone as required.

But I would like to manage the firewall at the moment managed wth single local superuser. Is it possible to use AD auth f

...

Resolved! Disconnected from Log collector Server

 

Tonight we got email alerts that our firewalls are disonncted from the log collecors-M500

 

Below is ms log from the PA

 

2019-04-05 01:38:55.024 -0600 MS: disconnected from log-collector. waitcount=1
2019-04-05 01:38:55.024 -0600 lcs agent: channel tear

...

MP18 by Cyber Elite
  • 11038 Views
  • 6 replies
  • 0 Likes

Resolved! VPN remote peer with a LAN address

I need to create a VPN tunnel between my PA firewall with a regular external IP address and a remote non-PA peer that is behind some equipment (no details) and only has a local 172.17.x.x address. Is this possible?

 

If it is possible, do I use the ext

...

mike406 by L2 Linker
  • 4399 Views
  • 4 replies
  • 0 Likes

Resolved! the show interface command

Hello!

I have a question regarding the show interface command.

When you enter for example "show interface ethernet1/3" to see the information of that interface, you can eventually see counters for receive errors or drops. Are these errors counted from ...

  • 23695 Posts
  • 110 Subscriptions
Top Solution Authors
Labels