General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! IKE1 tunnel up without interesting traffic

 

i have configured the ike1 tunnel with ASA.

Right now there is no interesting traffic passing.

 

i initiated the traffic via cli to test the tunnel 

 

i see on gui under status - tunnel info and ike info both are green also i see tunnel interface is gree

...

MP18 by Cyber Elite
  • 3467 Views
  • 3 replies
  • 0 Likes

Resolved! PAN-OS 9.0?

Is there a list of features somewhere that PAN-OS 9.0 is supposed to support?

Rumor is that 9 will support true HA in Azure with session persistance, but cant find anytihng on it, and curious how that will function with Azures lack of L2 support.

Muldov by L1 Bithead
  • 2364 Views
  • 3 replies
  • 0 Likes

Resolved! Which IP address should I use for IPSec tunnel monitoring

Hello,

 

I made an IPSec Tunnel with Fortinet device, and it has some issue.

 

So I want to set tunnel monitoring for the tunnel, but I'm confused about the destination IP.

 

I set my tunnel interface ip(192.168.88.1/24), but at fortigate, it's not set.

 

I

...

yhlee1 by L2 Linker
  • 3319 Views
  • 2 replies
  • 0 Likes

Global Protect Dropouts

Hi, 

 

I keep getting dropouts,  from global protect.  It will say connected but I'm not able to remote to other machines that I know are on the network and then will disconnect and re-connect for some unknown reason like every minute or so. I looked t

...

Capture.PNG

Resolved! 8.0 HA Failover and IPSec VPNs

I am getting ready to do a failover test. Runnig a pair of PA-5220s in HA Active/Passive.

 

I see posts asking about what happens with IPSec VPN connections, but they are a few years old. Just want to confirm that with 8.0 the failover is still seamles

...

mike406 by L2 Linker
  • 2237 Views
  • 1 replies
  • 0 Likes

Resolved! GlobalProtect Initial configuration

How are people configuring their PAN for clients to grab the inital GP configuration?

 

Currently, the laptops are being imaged with Windows 10 and automatically connect to our internal network via certificate based authentication. GP is set to automat

...

meischc by L1 Bithead
  • 3809 Views
  • 8 replies
  • 0 Likes

MISP automatization with Minemeld

Hi,

 

I have an issue trying to customize misp node params over API:(with python)

 

 

curl -XPOST -u 'admin:admin' -H 'Content-Type: application/json' -i http://127.0.0.1/config/node -d '{
    "name": "misp_test",
    "properties": {
        "prototype"...

ITSCERT by L1 Bithead
  • 2359 Views
  • 0 replies
  • 0 Likes

admin auth

Any plans to allow various external authentication support (AD, SAML, etc)?

jchitsaz by L1 Bithead
  • 6738 Views
  • 5 replies
  • 1 Likes

Automatization of Minemeld with API

Hi,

 

Im trying to create node using "autofocus.sampleMiner" proto using API.

 

When I try to get existing node config I get the following answer when I run /config/node/N

 

HTTP/2 200
server: nginx/1.11.3
date: Wed, 02 Jan 2019 12:19:16 GMT
content-typ

...

Paloalto recommendation

Hi Team,

This is a notification for Palo Alto support officials.

I have seen many customers upgrading to latest PAN OS without knowing bug involved in it.

I request Palo Alto support team to add this option like next to the date whether that version is ...

PA8.1 RIP Question

Hi,

 

I have a linknet with 2 routers exchanging RIP information. I want to add a PA3020 to this linknet and I want it to learn all the RIP routes. However I do not want it to advertise anything. What is the default behavior of RIP in PA, will it adver

...

Data Pattern Regex

Hello community,

 

I'm having trouble with the following regular expressions in PaloAlto version 7.1.21.

 

  • (518497 | 518472 | 518536] {6}) ([0-9] {10})
  • ([503441] {6}) ([0-9] {16})

It works on different platforms, but not on the FW.

I have managed to make it

...

Resolved! Doing destinat NAT with Cisco ASA

I need to build tunnel with Cisco ASA.

Seems vendor's interesting subnet 10.2.2.x is part of our LAN.

 

If i config on PA vendor interesting subnet as destination  192.168.1.x and translate to 10.2.2.x in PA is this right way?

 

Mike 

MP18 by Cyber Elite
  • 3679 Views
  • 4 replies
  • 0 Likes
  • 24185 Posts
  • 101 Subscriptions
This widget could not be displayed.
Top Solution Authors
Top Liked Authors
Labels