General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! Pinging Palo sub-interface reply goes to 00:70:76:69:66:00 as a destination MAC.

Hello All, l was thinking that this might be an interesting one. Any comments more than welcome 🙂 PAN-OS 7.1.10 PA-5060 635 66.604593 10.13.178.246 10.13.128.1 ICMP 394 Echo (ping) request id=0x0029, seq=0/0, ttl=64 (reply in 636)Ethernet II, Src: Apple_7e:b6:ff (38:ca:da:7e:b6:ff), Dst: PaloAlto_00:01:27 (00:1b:17:yy:yy...

Python Script

From Pan-OS 8.0 - 8.1.6, there is a bug when using FQDN's in rule sets. Until we're ready to upgrade, I need to run a script to force a FQDN refresh, cli is "request system fqdn refresh force yes". I'm really new to Python, but have created my API Keys. Anyone have some guidance to pass along on how I can build this script?

NAT Only works part of the time

Ok, Who knows what's going here...Here is my Scenario.. We're looking at a new Phone Platform and I'm only able to get a NAT to work part of the time. First, when the IP Phone loads, internal address of 172.23.1.1, It connects out to the Platform IP of 55.66.77.88, downloads the config from it's TFTP Service. Since we don't want our Voice traf...

SSH connection drops randomly

An SSH connection to a particular server drops randomly (usually 20-60 seconds after login). Between the client and the server is a Palo Alto firewall with SSH decryption disabled.What I tried so far - regenerated ssh keys on the server - added to server config: ClientAliveInterval 30 ClientAliveCountMax 5 - added `ServerAliveInterval=10` to ssh...

PA-5220 Decryption Performance Degradation

We have a cluster of PA-5220 firewalls with SSL decryption activated. When initiating a communication across the firewall using a decrypted protocol (scp, HTTPs, etc.) we get 5x slower connections compared to the unencrypted versions of the procotol. In Certificate Revocation Checking, CRL and OCSP are unchecked. Is this behaviour expected? If n...

Resolved! How to remove Panorama setting from firewall without losing any setting

Client firewall had been configure with Panorama but no more panorama. Any new setting need to change we do mannually. But still firewall showing panorama setting with read only. How we can disbale or remove panorama setting without losing any current setting. https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000Cmd6CAC Othe...

NavidAlam by L3 Networker
  • 8305 Views
  • 1 replies
  • 0 Likes

Resolved! IP Sec VPN Paloalto - Mikrotik

Hi! I have a situation that is doing my head in, and I need some help. I have an installation which looks like this "A" end - Palo Alto Active/Passive cluster, public IP for IPSec VPN termination"B" end - Mikrotik public IP for IPSec VPN termination IPSec Tunnel not work. The police 1 phase is accepted. But what this?2019-05-16 14:31:43.017 +020...

remote vpn on iphone and android config?

i successfully configured remote vpn client for windows to function but the customer is asking for vpn using mobile phones? would it work with the exist configuration? or does it need other kind of configuration? does the mobile phone pull the client from the palo alto as well?

chuckles by L2 Linker
  • 5643 Views
  • 4 replies
  • 0 Likes

SSL Expired Cert and SSL decryption

We have vendor site which we access.Recently their SSL cert expired and when I try to access that website chrome shows cert is invalid and still in brower it showsit is decrypting the website and i can see the PA cert there. Traffic log shows isession end reason was policy deny? Why PA shows cert as invalid or non trusted when vendor ssl cert is...

MP18 by Cyber Elite
  • 14789 Views
  • 11 replies
  • 0 Likes

Dynamic External Lists for Hostnames

Trying to figure out the best way to accomplish a task. We have a "Suspicious" rule on our firewall that should be where we place hostnames for users that are observed to have questionable traffic.This will be a dynamic list that will be updated by adding/removing hosts at any given time depending on security alertsSince we use LDAP I know we ca...

Resolved! Creation of new Session and 6 Tuples

Need to confirm below - If PA has the active session and need create a same session but the old session is active?What action will take depending on 6 tuples?

MP18 by Cyber Elite
  • 10014 Views
  • 4 replies
  • 0 Likes

Resolved! Reading firewall palo A20 logs

Hello Paloalto community, I ask for help please, I collect the logs of a Firewall palo lato A20 with graylog, I find a difficulty in reading Firewall logs. Can anyone help me to explain this logs, I want a clear interpretation of this logs.On the web interface of Graylog I see this logs from FW Palo alto: 1/ All the logs of the FW palo are "le...

F LOGS.PNG
Ayoub2 by L1 Bithead
  • 3280 Views
  • 1 replies
  • 0 Likes

Lost communications via HTTPS

Hello all,I had a problem with a PA-220, version 8.0.9.Suddenly I lost HTTPS service for the management interface, It was still working but I only had access via SSH.When I entered #show deviceconfig system service I couldn't see the services HTTPS & SSH (as disable-hhtps/ssh no)Then I entered #set deviceconfig system service disable-https n...

upatino by L1 Bithead
  • 3605 Views
  • 1 replies
  • 0 Likes

disable automic start globalportect and create a shortcut

Hello, My customer need a "GlobalProtect msi" to ditribute by GPO that complies with the following.- Customize Portal URL. That is Ok, we edit the with orca software https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClkwCAC.- the installation of globalprotect must be create a shortcut in the desktop.- in the installation ...

MPoffal by L2 Linker
  • 3867 Views
  • 1 replies
  • 0 Likes
  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels