This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4468 Views
  • 0 replies
  • 0 Likes

Resolved! nat and security policies ip object need a subnet mask or not?

in my firewall i use certain ip addresses for outside to inside natting and for security policies , but im wondering , under objects do i need to specify the subnet mask "/24 , etc" for each object host or not? i specified the mask for the inside and outside interfaces ip addresses but what about the objects in natting and security policies?

chuckles by L2 Linker
  • 3819 Views
  • 1 replies
  • 0 Likes

Require historical report on Firewall Throughput, session , CPU and memory utilization.

Need to know about reporting feature on Panorama which provides historical ( last 30 days) utilization of Panorama manages firewalls.I know that there is an option in Panorama under Health Managed device Tab. but it could not provide statistics properly on the report.Also would like to know has a reporting done better in the new version?

DHS AIS Miner SSL issue after Feb 13th

Hello, DHS upgraded their server on Feb 13th and since then some people were seeing SSL errors. They told me, they have couple of organizations using Minemeld they are currently failing when they pull. The error i see in my system below. (8429)basepoller._poll ERROR: Exception in polling loop for US-Cert-AIS: <urlopen error [Errno 1] _s...

akapucu by L2 Linker
  • 3868 Views
  • 2 replies
  • 0 Likes

VPN tunnel up alert mail

Hi Team If VPN tunnel goes down we have receive a mail alert by severity critical. If the VPN tunnel comes up how can I get mail alert ? Please advise.. RegardsMohammed Asik

New MineMeld install on CentOS 7 ... joined to AD domain. WEBUI login failing - bad creds

We have been running Minemeld on Ubuntu 18.04LTS, but since that OS is EOL I am working on a replacement server running CentOS 7. The server was built for me by the server team and was joined to the domain. I use my AD credentials to ssh to the server and then use sudo on the install commands. I used the instructions in github and the install w...

alterioc by L2 Linker
  • 5278 Views
  • 2 replies
  • 1 Likes

Resolved! Device document error

Hello all, I have a PA-220 I am trying to import into Panorama, but am getting an error. I have added the Panorama IP on the PA-220 and the PA-220's serial into Panorama's Managed Devices, and it's showing connected. However, when I go to Import device configuration to Panorama, I get the "Device document was not found for configuration import...

Resolved! Global protect users issue

Hi Experts, I configured global protect SSL VPN all worked as expected but i am facing an issue, GP users are not showing up on my monitor tab, i know that its a routing issue i did the below routing and created security policy to allow all GP traffic to have full access but still i can't access any internal resource in my network and not able ...

Capture.PNG

Resolved! Userid agent server monitoring method

Hello, I wonder what is the port / protocol used by windows UserID agents to monitor Exchange and AD servers ? Indeed I have another FW between my PaloAlto device and the Active Directory and Exchange servers I want to monitor. Is this SMB traffic on port TP 445 ? Is this the case for any version of AD / Exchange servers ? I can't find any infor...

SSH Decryption

Hi. If my FW is doing SSH decryption and sending all decrypted traffic out of a mirror port where my Kali machine is, what tools would be able to "read" the username/password from the decrypted SSH traffic? I was looking for something similar to what "dsniff" does for telnet; TELNET : 10.1.1.1:23 -> USER: myuser PASS: mypassword So basically,...

Resolved! Suddenly receive GlobalProtect Portal not found error only with specific Internet Service provider.

Suddenly I am receiving the error that GlobalProtect Portal not found or Invalid portal. Please contact your IT administrator.Earlier I had GP client version 4.1.2-11 installed So as a part of troubleshooting step I have upgraded to 4.1.8-2 but still receiving the same error. Also, I have restarted the PanGPS services and restart my laptop but ...

Resolved! Disable HTTPS

I am running pfBlockerNG.It cannot connect to Minemeld because of the self-signed certificate.This is for my home, so I don't have a signed certificate to use.Is it possible to simply disable SSL on the web server so I can get past the cert error? Thanks

jonjon by L1 Bithead
  • 9211 Views
  • 5 replies
  • 0 Likes

outside to inside nat tcp and udp specific?

i have a situation where outside users will tupe in a public ip which the palo alto will nat it into a inside privtae address likedestination "public" x.x.x.x port udp 8443 >>> translated destination "private" y.y.y.y udp 8443 ,but when i tired to do it i couldnt set the tanslated address port to tcp or udp? does it take the same tcp ...

Capture1.PNG
Capture2.PNG
Capture.PNG
chuckles by L2 Linker
  • 8258 Views
  • 5 replies
  • 0 Likes

Resolved! GlobalProtect with MFA - Always On

I was wondering if anyone here using GlobalProtect with MFA, such as Duo, Okta or Ping. Currently, clients portal app is set to User-Logon (Always On). I'd like to implement MFA for GP, but also keeping the always on functionality. The question is if the user does not enter their OTP, then GP will not connect. This would circumvent the always o...

MikeC by L3 Networker
  • 16610 Views
  • 11 replies
  • 0 Likes

TAP multiple virtual routers

Has anyone successfully setup a TAP interface on a pair of 5220s with multiple VRs to send the traffic to a single TAP interface/zone? Trying to integrate a sensor appliance in, but it's not passing any traffic...open to any suggestions at this point.

  • 24379 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks