This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4222 Views
  • 0 replies
  • 0 Likes

SSH Decryption

Hi. If my FW is doing SSH decryption and sending all decrypted traffic out of a mirror port where my Kali machine is, what tools would be able to "read" the username/password from the decrypted SSH traffic? I was looking for something similar to what "dsniff" does for telnet; TELNET : 10.1.1.1:23 -> USER: myuser PASS: mypassword So basically,...

Resolved! Suddenly receive GlobalProtect Portal not found error only with specific Internet Service provider.

Suddenly I am receiving the error that GlobalProtect Portal not found or Invalid portal. Please contact your IT administrator.Earlier I had GP client version 4.1.2-11 installed So as a part of troubleshooting step I have upgraded to 4.1.8-2 but still receiving the same error. Also, I have restarted the PanGPS services and restart my laptop but ...

Resolved! Disable HTTPS

I am running pfBlockerNG.It cannot connect to Minemeld because of the self-signed certificate.This is for my home, so I don't have a signed certificate to use.Is it possible to simply disable SSL on the web server so I can get past the cert error? Thanks

jonjon by L1 Bithead
  • 9123 Views
  • 5 replies
  • 0 Likes

outside to inside nat tcp and udp specific?

i have a situation where outside users will tupe in a public ip which the palo alto will nat it into a inside privtae address likedestination "public" x.x.x.x port udp 8443 >>> translated destination "private" y.y.y.y udp 8443 ,but when i tired to do it i couldnt set the tanslated address port to tcp or udp? does it take the same tcp ...

Capture1.PNG
Capture2.PNG
Capture.PNG
chuckles by L2 Linker
  • 8120 Views
  • 5 replies
  • 0 Likes

Resolved! GlobalProtect with MFA - Always On

I was wondering if anyone here using GlobalProtect with MFA, such as Duo, Okta or Ping. Currently, clients portal app is set to User-Logon (Always On). I'd like to implement MFA for GP, but also keeping the always on functionality. The question is if the user does not enter their OTP, then GP will not connect. This would circumvent the always o...

MikeC by L3 Networker
  • 16451 Views
  • 11 replies
  • 0 Likes

TAP multiple virtual routers

Has anyone successfully setup a TAP interface on a pair of 5220s with multiple VRs to send the traffic to a single TAP interface/zone? Trying to integrate a sensor appliance in, but it's not passing any traffic...open to any suggestions at this point.

Resolved! two Internetconnection IpSec build

Hello, I have two PAs and want to build IPSec tunnels between them. one PA A has a static IP. The other PA B has two internet connections. One with a static IP and one with a dynamic IP. Now I want to build two tunnels from device B to the A side. my two internet interfaces eth 1/4 has the IP 192.189.5.4 and the router behind it has the IP 192.1...

Resolved! Granular URL Monitoring

I want to be able to grab full URLs when specific sites are visited e.g. github so I can see what app/repo is being hit. Right now all I get is the domain. How granular can URL monitoring be? Can I get a full URL from URL filtering or URL category hits? Can I trigger a packet capture when specific URLs are hit?

mike406 by L2 Linker
  • 6909 Views
  • 6 replies
  • 0 Likes

Pushing From Panorama to Firewall, Commit Failed Ethernet 1/1 in use.

Guys sorry for the newb question but our company just up and ordered a bunch of PA stuff. We configure a firewall to access the Internet and connect to panorama on Ethernet 1\1. We import the devices settings into panorama and achieve a sync. Now we would like to create a template stack and device group and push everything in panorama back to t...

LeeRRoss by L0 Member
  • 5967 Views
  • 2 replies
  • 0 Likes

confused with PA-220 licensing and features

im having difficulty understaing the licensing on palo alto , from the attached pictures do i have the anti-virus , vulnrability protection , anti-spyware , url filtering , file blocking , data filtering and wild fire? or does each of them need a license to be active? and applied to rules?

licenses.PNG
chuckles by L2 Linker
  • 5621 Views
  • 3 replies
  • 0 Likes

Resolved! PA HA failover and IPSEC connection shows inactive

Yesterday during PAN OS upgrade when Passive PA became active I saw that our IPSEC connections stopped working. CLI shows status as inactiveI did clear vpn commandtest phase 1 and phase 2 still samething. Only way to make this work was via restarting the remote device. Need to know what config we can do on the current ipsec connection so VPN wor...

MP18 by Cyber Elite
  • 14784 Views
  • 6 replies
  • 0 Likes
  • 24355 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks