This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4110 Views
  • 0 replies
  • 0 Likes

GlobalProtect Windows client - command line interface?

We're using the GlobalProtect Windows client application to connect to a customer’s VPN. We’d like to automate this process, as right now our only way to connect is to click on the tray icon ‘Connect’ option. Is it posible to automate (e.g. via command line) the process to connect/disconnect into our customer’s GlobalProtect system? TIA

Resolved! VPN IPSec gcm or cbc cypher types

When configuring VPN to a 3rd party vendor and you are given the required settings for IPsec profile as sha1 or sha256 only, however on the Palo Alto firewall we have the option to use cbc or gcm, e.g. aes-256-cbc and aes-256-gcm.In the past I used to add both to the profile, but I need to automate bulk VPN creation and it will be easier to sele...

BatD by L4 Transporter
  • 19187 Views
  • 6 replies
  • 0 Likes

DNS proxy rule

I have a DMZ zone for guest wireless users on Palo Alto. They use our internal server 192.168.10.10 for DNS. I am trying to configure the firewall to force them use 8.8.8.8 for a specific domain eg:*.amazon.comPlease let me know if configuring a DNS proxy with 192.168.10.10 as Primary and creating DNS proxy rules with fqdn *.amazon.com-pointing ...

Resolved! stdlib.localLogStash - How to get mined data into logstash

Hello Team, I have set up few IP miners and then processing through a inbound aggregator and then giving it to Logstash output,Names have been customised as I have cloned the aggregator and output from existing prototypes.I am not seeing any indicators in DARP-output [stdlib.localLogStash] . is it normal ? and can some one help me with logstash ...

Resolved! Packet Capture Filters via CLI using debug commands

I am trying to capture traffic between a specific source on the internal network to any destination on any zone. I totally understand how to enable captures and turn it on & off but my capture seems to be colleting data but not anything that I can recognize. I have double checked my filter & the traffic pattern, addresses & interfa...

Resolved! Global Protect User cant login to the portal

User can login to GlobalProtect Portal normally. However, clicking a link to download the GlobalProtect client fails with the following error: "Could not find file". Note: Global Protect agent has already installed and activated on peers

Problem with Panorama commit

Hello there!I have a problem when I try to push the commit to Panorama. This commit is added to the queue, but then nothing else happens. The odd thing is that nothing is queued in the firewall queue...Thanks in advance.

Resolved! URL Filtering - How does it work exactly with Service interaction

So let me start here fundementally all I'm trying to do is something like "Computer Y can access MS updates and nothing else" and my three pointers were: https://live.paloaltonetworks.com/t5/General-Topics/Security-Policy-with-Service-URL-category-configuration/m-p/233176#M66885 https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10...

PeterT by L2 Linker
  • 10628 Views
  • 6 replies
  • 0 Likes

VPN-NAT question

I have 10.240.0.0/12 in the Proxy ID and would like to NAT all my 192.168.x.x addresses behind 10.248.250.10 out of that 10.240/12.my plan is to create the NAT rule and assign that 10.248.250.10 to the VPN tunnel Interface. will this create a route to whole 10.240/12 or just 10.248.250.10? I have active networks on 10.240 subnet. so trying to b...

Troubleshooting User-ID from syslog listener

I've configured my 5050's to be Syslog Listeners for a couple sources so that I can parse User-ID information out of them. I did so following this document here. I can see via the command show user server-monitor state XXX that I am receiving log messages, but so far none of the are registering "success messages". I'm having a hell of a time g...

  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks