General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

RFC1006 protocol over TCP

Hi has anyone heard of this protocol, give simple example of how it works AND whether or not it's supported by Palo Alto ? 

daz12 by L1 Bithead
  • 369 Views
  • 1 replies
  • 0 Likes

URL Category rule works on some firewalls but not others

We are using a rule to permit traffic for Cisco licensing using URL Categories.  The rule is applied via template, so all of the firewalls get the same rule.  The only variable is the source IP/host.

 

This rule works on most of the firewalls (all ar

...

jwill2 by L1 Bithead
  • 617 Views
  • 3 replies
  • 0 Likes

PA-220s randomly crashing

We are having a large number of our PA-220s randomly crashing. No critical system logs are see shortly before the crash, the device just goes down and they are logs of dataplane starting up like 30 minutes later. Our other models are fine, its only t

...

Claw4609 by L5 Sessionator
  • 2571 Views
  • 9 replies
  • 0 Likes

Resolved! PAN_OS 10.0.0 upgrade issue

i am going to upgrade pan-os from 9.1.14-h4—>10.0.0–>10.0.11-h1–>10.1.0–>10.1.6-h6 for my pa 3260 device.But when the Pan-os upgraded to 10.0.0, i waited  for two hours and the global protect client can connect the portal and gateway, but it  can't a

...

Resolved! Layer 3 between 2 buildings

Hi everyone,

 

I have 2 buildings; they are about 40 miles apart. I'd like to set up a layer 3 connection (OSPF) between 2 buildings. The fiber connection is provided by the ISP and is ready. I have a couple of questions:

 

 Is it a good practice to

...

tinhnho_0-1701963726227.png
tinhnho by L2 Linker
  • 925 Views
  • 3 replies
  • 0 Likes

Resolved! DNS setup best practice

Hi All ,

 

I am planning to use FQDN based address for security policy  . Any 

best practice to follow . As we have concern related to FQDN dns cache on firewall . And if we are connecting to cloud ( using hybrid setup)  any specific recommendation for

...

deepak12 by L3 Networker
  • 4762 Views
  • 6 replies
  • 0 Likes

Concurrent Policy Installation

Could someone help me from which PAN-OS version can we do Concurrent Policy installation ? 

 

For example : Admin A and Admin B can push 2 different Access Policy to 2 different Clusters ? 

Imposter by L0 Member
  • 480 Views
  • 2 replies
  • 0 Likes

User-ID mapping without ldap across an enterprise

Hi All,

 

not having the best day with thinking 

 

Palo Alto Scenario:

 

PA FW CLuster in HQ
Panorama Log Collector only in HQ
Standalone PA FW in SiteA
Standalone PA FW in SiteB
Standalone PA FW in SiteC
Standalone PA FW in SiteD

 

No Panorama mgmt in p

...

PA_nts by L3 Networker
  • 662 Views
  • 2 replies
  • 0 Likes

PAN HA with different SFPs

Hi Guys

quick question.. planning a pair of PA 5420's in HA - the plan was for each to have a 40gb QSFP+ module.

however on our secondary core switch we are unable to source a 40gb sfp in time.

 

So.. as a temp solution, will HA work if we have a 40G

...

PA_nts by L3 Networker
  • 625 Views
  • 3 replies
  • 0 Likes

Type: INNR in session id detail.

Hi team,

 

What does INNR represents in type when looking at the session ID details.

I know that this happens at child session, when parent session ID belongs to the HTTP/2 ID.

If you guys have any idea about what INNR represents, let me know.

 

 

 

 

Threat Logs not showing specific source IP Address

Hello everyone!

 

Just have an issue that I can't seem to figure out.

 

In our threat logs, we are noticing that the source address shows the default gateway address rather than a specified address. We will get a specific address, however more often

...

Resolved! Software NGFW Credits renewal

Would anyone have any idea why the portal would show Renewal Confirmed but the dashboard does not seem to be updating? Do I need to wait?

 

 

 

Still not showing updated:

 

 

 

 

 

Schneur_Feldman_0-1694558046673.png
Schneur_Feldman_1-1694558135175.png
Schneur_Feldman_2-1694558159143.png
  • 24007 Posts
  • 102 Subscriptions
This widget could not be displayed.
Top Solution Authors
Top Liked Authors
Labels