This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Resolved! Load Partial Config: merge vs append

When loading a partial config you have 3 options:  replace, merge, append.  I can't find a description anywhere as to what exactly each of these does!  Especially between merge and append.  I did see this KB article but it really doesn't explain the

...

ACS Accounting to PAN

I have Cisco WLC and use ACS for radius authentication.  I'm trying to configure PA FW to use those accounting logs for User ID.   I'm following this article but it's not working https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000

...

MikeC by L3 Networker
  • 1403 Views
  • 0 replies
  • 0 Likes

Packet Flow Sequence and Application Override

Hello everyone,

I have a question regarding the "AppID override" ,

In this article "https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClVLCA0" we can read the following:

"
Special Note about Content and Threat inspection
Applicatio

...

Resolved! TLS 1.3 is Coming - How to deal with it????

My security counter parts came to me letting me know that in Chrome version 70.X+ TLS 1.3 will be turned on by default.  This appears to be causing problems in our current firewall deployment:

 

A/P HA-par 5220s running 8.0.10 (soon to be 8.0.12).

 

It l

...

TLS_Error.png
TLS_1.3.PNG

Problems with ping due to SSL decryption

Hello

we have PA 220 model

and when we implement SSL decryption we can observe the ping delay in our trust interface.THE cpu load is 50 %

when we turn off the SSL decryption everything is normal

Radmin_85 by L4 Transporter
  • 2307 Views
  • 2 replies
  • 0 Likes

Resolved! Cannot access PAN Webgui

Hello,

 

Recently we performed a decrypt change to allow website to bypass decryption.

Now no user can access the PAN Webgui https.

Tried in different browsers and from different machine but no change.

Connection to FW via putty session is fine. 

We have r

...

Webpage.jpg

Issues with the MineMeld Microsoft EDL's

For the last couple of weeks we are running into an interesting issue with our Office365 EDL's.  We pull the Office365 API based IP/URL list into Panorama using MineMeld.  This process is working perfectly.  We have compared the output within MineMel

...

Need information on DHCP Relay

Hello. To start I had a DHCP server configured on one of the interfaces on our Palo 810 PanOS 8.1.2. The DHCP addresses being handed out were not being registered with our DNS server so I was tasked to make that happen. I figured I would just set up

...

IPsec tunnels, VPN features & licensing

I have a few PA 200's all with base license ready to install for a multisite company that needs a full mesh all over broadband internet. I am willing to manually configure each IPsec tunnel one by one if that is a free option that does not require ad...

Full mesh for multi site over broadband

I have a few PA 200's all with base license ready to install for a multisite company that needs a full mesh all over broadband internet. I am willing to manually configure each IPsec tunnel one by one if that is a good free option that does not requi...

How is sliding sequence window made?

Hello,

 

I found below on manual:

The Palo Alto Networks Firewall creates a sliding sequence window starting with the original ACK (the window size is based on the type of traffic within the session). It is expected that the packet sequence numbers with

...

yhlee1 by L2 Linker
  • 2048 Views
  • 0 replies
  • 0 Likes
  • 24034 Posts
  • 102 Subscriptions
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks