General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Odd NAT issue...

Had a very odd issue yesterday,

 

I created two new Bi-Directional nat rules [seperate NAT IP's] to the outside world, one worked fine the other did not...

 

One server could not get to the outside world..

The NAT matched [OK],
The Security Rule Matched [O

...

nat1.jpg
nat2.jpg

Certificate Setup on HA Pair

Hello,

 

I wanted to use the SSL/TLS profile facility to restrcit management GUI sessions to TLSv1.2 but am having trouble with the certificates/process to follow.  We have an Active/Passive HA Pair, i have been trying to setup on the passive to test b

...

Resolved! Default Master Key lifetime

Dear Comm,

 

I do understand that we use the master key for encrypting our private keys and passwords stored on the firewall. However I am wondering why we should touch this key at anytime? What is the default lifetime of the default master key? I assu

...

Rboehme by L2 Linker
  • 4521 Views
  • 2 replies
  • 0 Likes

ldap user group unable to get access

I have ldap server setup with auth profile. User gets authenticate by ldap server and can login via global protect.

User is part og the group and a policy is created for this group to access resources.

If i change the group to any access is granted but

...

Regarding pcnse

What is the level of toughness that we have in real exam than what we see in practice test on a scale of 1-5.
Is there any good pcnse practice tests that match the level of real exam. The only source of my prep is just the pcnse study guide is there a...

Sanssj by L2 Linker
  • 2979 Views
  • 3 replies
  • 0 Likes

Resolved! Datafeed Empty Indicators

Dear group;

 

I had  running Minemeld server with defautl Miner like that spamhaus_DROP, spamhaus_EDROP working fine. I Create a Custom Miner of prototype libraesva.LIBRAESVA_Advertising_IP4 with the follow info:


Miner: LIBRAESVA_Advertising_IP4-feet

...

Resolved! BPA tool

I was told that we can use a tool called Best Practice Assessment. Have you got the link/app to access it?

Farzana by L4 Transporter
  • 13250 Views
  • 8 replies
  • 1 Likes

Resolved! Global-protect configs

I changed global-protect configs by GUI then I checked the following 2 items was changed which I had never changed.

Would it happen If I changed it by CLI? and is it by design?

 

The 2 items

GlobalProtectPortal configuration > Agent > Configs > App

・Set U

...

question on ms-one drive option

Hi,

I am looking into blocking online storage from our network, all except One drive.

 

Under objects->Applications->

Category-> general-internet

sub category file-sharing

I see ms-one drive has several options

base, downloading, share and uploading.

what do

...

routing forwarding

hey guys
 
If there is a site-to-site VPN between the FWs and I want to force some specific internet access traffic to go through this VPN, is it possible?
 
Can I just add static routing on FW to force the specified traffic to the VPN tunnel?
Do we need
...

qd_056 by L2 Linker
  • 3361 Views
  • 3 replies
  • 0 Likes

Resolved! Panorama: how to manage Security/NAT policies

This is something we're struggling with. How do you write Security Policies and NAT Policies in Panorama when each firewall uses different IPs for NAT and the Security Policies include the IPs in them?

On our FreeBSD firewalls, this was easy. We just

...

fjwcash by L4 Transporter
  • 5057 Views
  • 4 replies
  • 0 Likes

All I want for christmas

Is silly pictures from you guys!

 

 

If you missed it, there's a new challenge up for you to get loot and for me to get a chuckle 

 

@Mick_Ball  is already one step ahead in getting some grade-A Live Community loot! So get out there and put some Chr

...

REAPER2.gif
reaper by Cyber Elite
  • 1197 Views
  • 0 replies
  • 0 Likes
  • 24008 Posts
  • 102 Subscriptions
This widget could not be displayed.
Top Liked Authors
Labels