General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 447 Views
  • 0 replies
  • 2 Likes

Security +

I’m studying for the Security + Exam. Any suggestions so I can pass the exam. I plan on taking the exam in February 2019. Thanks in advance

ShiemB by L0 Member
  • 2709 Views
  • 3 replies
  • 0 Likes

Credential Phishing Prevention with SSL

I'm planning to implement credential phishing prevention, but in looking over the documentation, all of the examples use HTTP and no mention is made of SSL sites. I would like to confirm whether it works or not, within the inherent limitations of SSL

...

magates by L2 Linker
  • 4073 Views
  • 3 replies
  • 1 Likes

Assign Secondary Public IP address

We needed additional Public IP for SIP and web server hosting.

 

My original IP was a single IP example "67.173.83.121\30".  The ISP gave us another range to use 67.173.75.73\28.

 

How can i add 67.173.75.73\28 range to my PA so I can apply NAT rules to

...

Problem with captive portal redirection for https

Hello there!
I have Captive Portal configured in a firewall. Unknown users are redirected when attempting an HTTP site, but those users are not redirected to the Captive Portal page when attempting to reach an HTTPS/SSL site.

The Captive Portal policy ...

Crednetial Phishing Agent Permissions

Does anyone know if the credential phishing agent requires different\additional permissions to the base User agent?

 

I have installed with our 'standard' account and I get this in the logs:-

 

 09/03/18 18:05:33:996 [ Info 2036]: ------------Service is

...

apackard by L4 Transporter
  • 3547 Views
  • 4 replies
  • 0 Likes

VM-200- Upgrade from 7.1.x to 8.0.x

I tried to upgrade a VM-200 from 7.1.10 to 8.0.15 but it failed as we had 4Gb RAM.

 

Is the requirement for upgrading to 8.0.x is 2xcpu,6.5gb –ram and 60gb.

Is it the same if we upgrade to 8.1.x after upgrading to 8.0.x.

 

Currently we have 40GB -- Can we

...

Resolved! Linux GP client

Now that there is a Linux GP client... How do we get it?

 

Details:

https://www.paloaltonetworks.com/documentation/41/globalprotect/globalprotect-app-new-features/new-features-released-in-gp-agent-4_1/globalprotect-app-for-linux

 

The page Titled "Downloa

...

hshawn by L4 Transporter
  • 7558 Views
  • 12 replies
  • 0 Likes

Sub-Interface for one IP address

Hi There,

 

I have a generic question about the Palo alto way of treating sub interfaces? Can I do sub interface on one of the physical interface for one netwrok address? for example, I did sub interface the ethernet1/5 as ethernet 1/5.123 and configur

...

DHCP Options for Mitel VoIP

I recently replaced a Sonicwall with a Palo Alto firewall.

 

One thing I could not get working are the DHCP options related to Mitel phones.  I'm wondering if anyone has gotten these working.

 

What the issue is that there are 3 options that are integers

...

Trouble establishing IPSec to Cisco ASR 1001X

I'm working with a business partner and we've verified phase 1, phase 2 parameters. But this is what I'm seeing in logging after running test vpn ike-sa gateway:

 

2019-02-26 09:57:21.638 -0800 [PERR]: { 43: }: 77.77.236.54[500] - 207.99.97.218[500]:(n

...

How Set Up the VM-Series Firewall on XenServer?

Hello, everybody.

 

I purchased the Vm-300 virtual firewall.

I have installed XenServer 7.1 servers

I would like to install version 8.0+ of the firewall on this virtualization platform.

 

I have downloaded the OVA extension file, but the import of the virt

...

tls1.3 and required action?

I know I am late in posting about tls1.3.

I have my permiter 5020s doing inbound and outbound ssl decryption. I'm currently on 8.0.13 and never had any issues. with tls1.3 coming this March, should I fear of breaking ssl connections and upgrade to lat

...

Security Policy Application

Hello everyone,

I'm hoping someone can help me understand why a security policy is not applying the way I thought it should. Here's what I have:

 

I have each of our schools configured on different DHCP scopes. I then created an Address Object using sla

...

GCSS-RT by L2 Linker
  • 3990 Views
  • 10 replies
  • 0 Likes

Resolved! policy-deny website problem

Hey all,

PA-3020 8.0.7

I would like to access https://experimental-concert-research.org and I get "Secured connection failed"

The traffic log allows those packets, but session end reason says "policy-deny".

I have never seen this before.

Can someone tell

...

MPI-AE by L4 Transporter
  • 4012 Views
  • 4 replies
  • 0 Likes
  • 23703 Posts
  • 110 Subscriptions
Top Solution Authors
Labels