General Topics

Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 629 Views
  • 0 replies
  • 0 Likes

Resolved! Is higher latency normal on a VM compared to hardware?

Hi All

 

At home I run a PA-200, but I've been toying with the idea of moving to a VM (both lab-licences).. But whilst the VM runs WebUI runs 100x quicker, MGT interface is fine, but on the actual FW interface it has a much higher ping latency.

 

When pi

...

projxit by L1 Bithead
  • 5524 Views
  • 1 replies
  • 0 Likes

Resolved! when doing commit from PA i get error

i am doing temp override on the PA so that managenet  interface ip permitted list is as per panorama but when i do valid

commit 

 

etails:vsys1
Error: No PROXY_OPTOUT notify page defined in vsys1.

MP18 by Cyber Elite
  • 11370 Views
  • 12 replies
  • 0 Likes

Resolved! QoS Guaranteed Bandwidth question

We have a couple of tenants in our building and I was wanting to insure a guaranteed bandwidth of our 100 Mbs circuit for us regardless of what the tenants are doing. I was looking at something like this: I set all of our traffic to class 1 and all t

...

Bvance by L2 Linker
  • 6936 Views
  • 4 replies
  • 0 Likes

querying regarding URL filtering profile

I had created a custom URL category (for specific tiny url let say *.tinyurl.com/) & in the url filtering profile I had opted for option to continue for this custom url category to make user acknowledge the action & log the event. but the caveat here

...

Sanssj by L2 Linker
  • 3328 Views
  • 2 replies
  • 0 Likes

New NG PA implementation path URL

Hi all, we are replacing our aging ASA VPN with the new PA GlobalProtect. ASA has a path of someurl.com/path rather than just a default someurl.com. Makes it a bit harder for the bad guys to guess. Is PA capable of creating a path, rather than a defa

...

au_igs by L1 Bithead
  • 4308 Views
  • 5 replies
  • 0 Likes

Resolved! Palo Alto - Dynamic Updates

Hi I'm new to Palo Alto alto. but my company have several diffrent versions of Palo alto firewalls, some with direct support via palo alto PA-3050 where i have access to download the Dynaic updates directly. Plus some that we have support through a r

...

kev91234 by L1 Bithead
  • 4539 Views
  • 4 replies
  • 0 Likes

Resolved! Re-order BGP Import/Export Filters via CLI/API

Hi,

 

I'm looking for a way to re-order BGP Import/Export filters via the CLI or via the API (preferrably CLI).

 

I have not been able to find a set, move or edit command which does this and searching the API browser there doesnt seem to be a path that w

...

Resolved! Documentation bug? User-ID XML API has double closing tags

The XML API documentation for 7.1, 8.0, 8.1, and 9.0 appears to have an extra closing tag for the <uid-message> object.  You can see it on the following pages:

 

https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-panorama-api/pan-os-xml-api-request-ty

...

fjwcash by L4 Transporter
  • 2794 Views
  • 1 replies
  • 0 Likes

Resolved! Deny internet traffic for a specific subnet

Hello, is it possible with palo alto firewall to deny internet traffic for a specific subnet?

let's say I have this subnet: 10.100.30.0/24

I want 10.100.30.0/24 to not reach the internet.

What should I do?

Hello Message Interval -PANORAMA HA

Hi,

 

What is the correct default Hello Message interval in Panorama HA?

 

Is it 5000ms or 8000ms?

 

I am asking this because, PA docs have quoted these two values at default at two different places.

 

https://docs.paloaltonetworks.com/pan-os/7-1/pan-os-admi

...

HA Default hello interval.PNG
  • 23942 Posts
  • 113 Subscriptions
Top Liked Authors
Labels