General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

(EDU-110) Player is not playing certain videos -Firewall 9.0 Essentials: Configuration & Management

The Open Curriculum player fo Firewall 9.0 Essentials: Configuration and Management (EDU-110) Player is not playing certain videos. I have reached Intial Config > Initial Sytems Access > Configuring Service Routes and the video will not play. I can still play videos from previous sections and certain videos from future sections (i havent...

Dual IPsec Tunnel to same destination with ECMP

Hi everyone,I would like to set up two ipsec tunnels to the same destination. I know I could do this by assigning the tunnel interfaces different metrics in the VR. But if I do that, only one tunnel will forward traffic at a given time. In our setup traffic needs to actively flow over any tunnel that is up: Can this be achieved with ECM...

topology.PNG

PANOS 8.0.0 EDL requires certificate

Hey guys, Just set up Minemeld, upgraded to PANOS 8.0.0, running into an issue with seeting up the EDL, the source (https://minemeld.local/feeds/inboundfeedhc) being HTTPS, PANOS now requires a certificate profile for the communication to work - what shpuld be configured there, and what -if anything- on the minemeld server? Great tool by the...

luks by L1 Bithead
  • 33771 Views
  • 12 replies
  • 0 Likes

ADUC not loading while GP is connected

When Global Protect is active (be it at home or on site) it is nearly impossible to work with 'Active Directory - Users and Computers'.It takes easly up to 10 minutes -and longer- before it is loaded and every action/click that involves loading or changing someting (for example the 'Properties' of a person) takes at least another 5 minutes. When...

RedDevil by L0 Member
  • 5781 Views
  • 2 replies
  • 0 Likes

Password issue in IPSec tunnel

when then IPSec tunnel attempts to connect after a reboot, it seems like the credentials used to connect disappears and needs to be entered in manually. We do manage this all via template in Panorama but it doesn’t looks like it is keeping the settings.

Resolved! GP VPN users cant connect when we run PAN-OS 8.1

Hi Has anyone had any issues with users connecting in using global protect once they have upgraded from PAN-OS 8.0.15 to any version of 8.1? I had a change window the other night and updated to 8.1.6 which everything worked fine except for VPN access, people connecting in would constantly be prompted to type in the token passcode. We could see e...

CRDF18 by L2 Linker
  • 9801 Views
  • 13 replies
  • 0 Likes

Resolved! Inter Zone traffic

I have created a policy rule in palo alto from INSIDE zone to OUTSIDE zone all the traffic is allowed. and I am able to ping from a inside device to a outside host however when I try to ping from outside host to the inside host it is not working. Do I need to create allow rules from OUTSIDE zone to INSIDE as well?because in ASA when we intiate t...

Resolved! Dual outside interfaces, using DHCP, static route and path monitoring -commit error

I have an issue with a PA.220 running 9.0.2 setup, using dual DHCP assigned outside interfaces.I can remove the "auto created default route" in the interface's IPV4 config.And also create both new default routes with metric 10 and 20. But when I try to add path monitoring to the static routes I get the following commit error:Can't get vr id(Modu...

LasseN by L1 Bithead
  • 7229 Views
  • 3 replies
  • 0 Likes

Resolved! File blocking Profile on File Sharing Applications

Hello GuysWe have a security policy which goes with application & service any any to the internet. (that's another topic 😉 ) We want to block specific file types for downloading (.exe as an example). In the File blocking Profile we defined applications to any, configured the needed file types and set the action download to block. When we te...

Globalprotect Client - Reset configuration

Hi Community, I'm looking for an alternative and faster way to reset the GlobalProtect client config on a windows endpoint without reinstalling it.I know, that there are a few locations, where a config is cached:- win registry local machine and current user- install directory- %appdata$\local But if I delete all cached config there, the client s...

Chacko42 by L4 Transporter
  • 16864 Views
  • 2 replies
  • 0 Likes

Configure Global protect

I have setup VM series firewall and backend server. I need to configure global protect from palo alto web view I follow this docs and also I have AWS Elastic IP but I am confused with how I can configure AWS EIP.According to step 1 I created interface with AWS EIP but Its not working. Could any one help me to setup Remote Access VPN with Two-Fac...

PAN-DB URL Filtering - WEB ADs wrong classification!? - google domain

Hi, We have just switched from Brightcloud DB to PAN-DB database, in the first few days everything was ok, but we have just noticed a problem with PAN URL Filtering and WEB Ads category, domain doubleclick.net (google Ad domain that is used on most sites) is categorized as Business and Economy??? In our security policy we block Web Ads category...

rvsky124 by L0 Member
  • 7438 Views
  • 7 replies
  • 0 Likes
  • 24395 Posts
  • 123 Subscriptions
Top Solution Authors
Labels