General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Edge Firewall Design

I am trying to design the edge firewall and core network currently and I have a core Layer not in a "stack" or "VSS" so they are independent Core switches. They are doing the routing to the private WAN, and will be doing the routing to the Edge Firew

...

UserID and VPN

Is it necessary to have userid enabled on the VPN zone interfaces to see the userids?

jdprovine by L4 Transporter
  • 1500 Views
  • 8 replies
  • 0 Likes

Trust and Untrust on same interface

I am pretty new to the Palo Alto's so I have a questions that will be pretty easy to answer.

 

I am setting up a PA-820 in Virtual Wire and we have both Trusted and Untrusted networks on the same interface from the router.  The External interface is th

...

Default cursor location on GlobalProtect iOS login

Is there a place to report issues? On GlobalProtect forIOS, you can save your default username for your VPN, and the app pre-populates the field, however it leaves the cursor in the username field. It should, however, start in the password field. It ...

wseguin by L0 Member
  • 1067 Views
  • 3 replies
  • 0 Likes

Resolved! Does globalprotect detect roaming between networks?

Dear Community, 

 

I´d like to check with you regarding the following globalprotect scenario:

 

I´m connected with my laptop to the LTE mobile network to be outside and I´m connected to the external gateway, when I connect to the wifi network... Is it po

...

Carracido by L3 Networker
  • 1509 Views
  • 2 replies
  • 0 Likes

Failover IPsec VPN with Dual ISP

There are serveral resource available for Dual ISP and with Failover VPN on Live community such as https://live.paloaltonetworks.com/t5/Configuration-Articles/How-to-Configure-a-Palo-Alto-Networks-Firewall-with-Dual-ISPs/ta-p/59774 . But here are sti

...

Ch.Ratha by L1 Bithead
  • 7829 Views
  • 5 replies
  • 0 Likes

Resolved! Determine IPSec tunnel performance?

Hi folks,

 

We have several IPSec tunnels, but only one is complaining of poor performance using a specific application that the tunnel is meant for.  Management asking for firewall stats to prove if it is related to IPSec tunnel/firewall performance i

...

OMatlock by L4 Transporter
  • 3637 Views
  • 5 replies
  • 0 Likes

Resolved! PA-7000 Not passing syslog traffic to Tufin

Hi All,

 

We have a PA-7000 (7.1) and Tufin (for syslog).

 

The system was previously setup to forward syslog traffic to Tufin. 

Then all of a sudden, Tufin wasn't receiving any traffic.

 

What I have done so far:

 

  1. Went through the saved configurations to se
...

Multiple overlapping IP customers behind IPSEC tunnels

Hello,

 

I have two customers with the same IP subnet, both behind separate IPSEC tunnels to my London hub (image attached, apologize for poor quality). Is it possible they can connect to my hub without any NAT on their side ? 

I've done a hack I don't

...

IMG_6826.JPG
kefiras by L1 Bithead
  • 2630 Views
  • 3 replies
  • 0 Likes

Resolved! Minemeld List or Miner for a static list of IPs/URLs

Creating this post based on another thread. In a previous post's comment section, @spssspss asked "Is it possible to create a white list from an IPs address file?" and Luigi requested a new post be created for this functionality.. 

 

Can a list of IP

...

chmotley by L2 Linker
  • 5993 Views
  • 2 replies
  • 0 Likes

Resolved! Can't update a PA-200 manually

Hello

 

i have an PA-200 running with PanOS 8.0.3 that got no support. Before i could do an update of PanOS manually without Support License. Now i wanted to do an manual update to 8.0.6 but it didn't work. I only get a message that the device got no s

...

s.debus by L1 Bithead
  • 1750 Views
  • 2 replies
  • 0 Likes

Need to enable Multicast on Site to site IPsec Tunnel

 

I am working for a product based company, Our Company products will work on Multicasting. usually most of our clients are using Cisco and Juniper equipment . Recently we got a new client and where they want to deploy Palo alto firewalls on multiple

...

suppind1 by L0 Member
  • 1448 Views
  • 2 replies
  • 0 Likes
Top Solution Authors
Top Liked Authors