General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 418 Views
  • 0 replies
  • 2 Likes

is Cluster possible?

Hi all,

 

is quick question on above statement. is it possible to configure clusters with Palo Alto?

I do not mean Active/Standby or Active/Active

 

I was not able to find any documentation on this. if this is possible, could someone point me in this dire

...

New Comer

Hi Im new to working with Palo Alto, and I im process of configuring a new Pa-820, I wanted a lttle infomation and help. 

 

1) Do you have to create a return rule if you want the return traffic back from the destination back to your source address. Or

...

kev91234 by L1 Bithead
  • 4423 Views
  • 6 replies
  • 0 Likes

Cannot add SNMP

Hi,

 

I am trying to add Palo Alto firewalls to our monitoring system but one of our PA-220 is failing to be added.   

We use Panorama and PAN-OS 8.1.3.

 

 

Any idea how to fix this issue?

SNMP.jpg

EDL HTTP response code said error

Hi,

 

I am facing an issue where the External Dynamic List shows an error when tested by cli command "request system External-list show", the error is "HTTP response code said error", but whem the list is tested from any other device it is accessable a

...

Resolved! FTP_Passive_Antivirus_Profile_Performance

Hi Guys,

 

quickDescription => paloAlto networks physical firewall and antivirus profile for FTP.

Task => Using a script to get/put a file (few hundred kilobytes) from/to the FTP server every 100ms (ten times per second or 20 times per second) . The FTP

...

Resolved! phase 1 up phase 2 down

( description contains 'IKE phase-1 negotiation is failed. Peer\'s ID payload 10.175.150.0 (type ipaddr) does not match a configured IKE gateway.' )

 

 

and ( description contains 'IKE phase-1 negotiation is failed as responder, main mode. Failed SA: 19

...

MP18 by Cyber Elite
  • 10740 Views
  • 2 replies
  • 0 Likes

ALB Health Checks -> Palo Alto -> ALB

Trying to get the Palo Altos to register as healthy. Can anyone provide some assistance on NAT policies, or configurations for getting TCP 80 checks from ALB to Palo Altos to ALB which sits in front of two App servers? 

 

ALB (Palo Altos)

   |

Palo Altos

...

Resolved! IpSec VPN between Palo and Vyatta

Hi all,

 

I try to configure an IPSec tunnel between PA-500 (version 7.1.4) and vyatta.

Config seem to be ok, phase 1 is ok but nego for phase 2 is block in "No Proposal chosen". I select in phase 2 all possibility given by the palo.

 

Any body already su

...

VinceM by L5 Sessionator
  • 8035 Views
  • 8 replies
  • 0 Likes

Resolved! Custom URL Filter - Site Definition Format

We started using Custom URL Categories, and it seems when we define a site, we have to add both a wild card to cover any subdomain, and a / to cover all URI/URL of the domain, IE:

*.acme.corp      (To cover subdomains)

acme.corp/       (To cover all UR

...

Resolved! GUI does not show system logs

On GUI i see traffic logs but no system logs.

LAst system logs are from yesterday.

 

Ran the below command

 

show log system direction
> equal equal

admin@EOCDC-G3-NGFW-2(active)> show log system direction equal backward
Time Severity Subtype Object EventID

...

MP18 by Cyber Elite
  • 4312 Views
  • 4 replies
  • 0 Likes

UserID

Hello

 

Is Userd Identification feature works only whith Active Directory users account or also with Computers accounts ? I would like to create a security rule who allow access on our internal ressources only for computer with an active computer accou

...

Knowledge Base Single Sign-On Error

Hello!

 

Every few days I get this error and can't access knowledge base. 

 

It is VERY FRUSTATING!!!!

 

Error started to appear after last tool upgrade. Does PAN have mailing list for resolving partner access issues?

 

Regards,

Maja

Capture.JPG
mkopcic by L2 Linker
  • 2731 Views
  • 1 replies
  • 2 Likes

Resolved! Open port

I need to create security rule and/or not to allow port 6965 to a device. Do I need both a NAT and security rule? Need to find out from vendor if port is TCP, UDP or both. I have PA-3020 running PAN-OS 8.0.13.

  • 23695 Posts
  • 110 Subscriptions
Top Solution Authors
Labels