General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question. Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

JayGolf_0-1691518400714.jpeg
JayGolf by Community Team Member
  • 2842 Views
  • 2 replies
  • 13 Likes

BGP Advertising prefix to same AS it was learned from.

I'm working on a VRF-centric DC model that utilizes a PA as the firewall platform between VRFs. One of the snags I'm hitting is that if a route is learned from R1 on an AS (say 65001), and is advertised via eBGP to the PA (AS 65002), the PA won't eve

...

Tyler_C by L1 Bithead
  • 9328 Views
  • 14 replies
  • 0 Likes

BGP config same AS different locations

Hello,

 

We found some BGP routes with same AS we are using at our PA3020.

PA3020 AS 65400

 

 

BGP route (from Cisco Router)

 *   172.27.0.0/20    193.242.39.6                           0 65394 65390 8035 21302 65400 65316 64540 4755 4755 i

 

Usually with Cis

...

user-id agent

Hi

 

So I have 

850 - single pa 

5220 - 2 in a Active active setup

panorama

 

For Windows i have

3 x MS AD - my AD trilogy 

2 x Exchange boxes - they curently are AD's as well

2 more AD - old boxes with FS and PS 

2 FS ... not AD's

 

 

I have userid setup for all

...

block all video streaming with palo alto PA-850??

Hello all,

 

I want to block all video treaming with palo alto. do do following this:

    1, go to Objects--> URL fitering--> add new URL fitering with name block_video.

    2, in categories, I check in streaming-media and choose block.

    3, I create th

...

Chivas by L2 Linker
  • 5757 Views
  • 7 replies
  • 0 Likes

Global Protect Client Bundles not installing. VM100

I am trying to install a client bundle for GP on out test VM-100

 

The VM has no internet connection so I downloaed the bundle from PA

 

PanGP-4.0.6

 

On "device > Global Protect Client " I upload the file, which works but nothign is displayed.

 

If i go to

...

Resolved! ICMP reply from the firewall instead of endpoint destination

Hello everybody,


What could cause ping to respond from a different IP?
When tested from source, the response message of the ping command is successful and it's coming from the PaloAlto firewall, not from the destination IP.
Where and how can I verify on

...

000000 by L1 Bithead
  • 2504 Views
  • 2 replies
  • 0 Likes

New Feature request or ?

Hi

 

I would like to have apolicy that just logs and does nothing else - ie the packet keeps getting evaluated.

 

some times I want to know there is packet there but not process it with that line.

 

Can this be done already ?

Azure Site Recovery Miner - XML source into Minemeld

I'm looking to do, what I believe, would be a simple minor for Azure Site Recovery IP list.  The list is located here and is in XML form.  

 

https://aka.ms/site-recovery-public-ips


I have bounced around on some articles and tried to follow a few, bu

...

Jmarx1 by L1 Bithead
  • 3336 Views
  • 1 replies
  • 0 Likes

Resolved! Template vs Device Group

Hello All - I am fundamentally not understanding the difference between Template and Device Group.  Using teamplate i can push a policy to multiple Firewalls.  Looks Device Group also does the same thing. 

 

What is the difference, and use case. When t

...

Resolved! Moving Colo Datacenter

Hi folks,

 

We got some dreaded news that our colo vendor is not renewing lease and we are now moving.

We have two 3020 firewalls configured in HA.

 

I am looking for any general comments that could help in my direction.

 

One thought:

  • Break HA.
  • Take secondar
...

OMatlock by L4 Transporter
  • 4421 Views
  • 7 replies
  • 1 Likes

Palo Alto against spam

hello

İn the network users get many spams.We dont have any other anti-spam solution.Is it possible to stop spams by Palo Alto NGFW?

Radmin_85 by L4 Transporter
  • 8292 Views
  • 4 replies
  • 0 Likes

Resolved! Global Protect Migration Assistance

Hello!

 

So, we inheritted an infrastructure with a few hundred VPN users whose Global Protect clients were all deployed pointing to the IP address of the GP Portal (not an FQDN). And, of course, we are now in a position where that physical site (and i

...

locampo by L2 Linker
  • 5976 Views
  • 6 replies
  • 0 Likes
  • 24006 Posts
  • 99 Subscriptions
Top Solution Authors
Top Liked Authors