This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

General Topics

Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 777 Views
  • 0 replies
  • 0 Likes

Resolved! Troubleshooting Application Incomplete with two way TCP traffic

We are having issues with one application while migrating the network from ASA to PA

PA is Running 8.0.9 on 3020.

 

Application shows as incomplete with more than 4 packets.

We see trasmit and receive in the PA.

Nothing in threat logs.

 

As per TAC they say

...

MP18 by Cyber Elite
  • 37519 Views
  • 6 replies
  • 0 Likes

Resolved! Phase 1 is down but phase 2 is up- test vpn phase 1 and 2

we have tunnel from PA  to vendor which is using Cisco ASA.

When there is no interesting traffic tunnel is down by design this part is ok.

 

but today i saw phase 1 as red and phase 2 as green on gui.

I did the 

 

test vpn ike command and phase 1 was green

...

MP18 by Cyber Elite
  • 7709 Views
  • 2 replies
  • 0 Likes

PA-VM not recognizing SSL and denying traffic

Hello,

 

We are implementing SSL Decryption to PA.

 

Because of this forcepoint agent (that is installed on theworkstation), the return traffic from the Internet (ie: facebook.com, etc) will be denied by the firewall as the SSL certificate has been chang

...

Resolved! Error Message in PANGPA logs

Hello,

 

We are using 4.1.0-98.

 

The clients at fault work fine through a tethered mobile, however when connecting to their home WiFi the connection is successful but nothing will work through the VPN.

 

Below is a log snippet. What exactly is going on he

...

Critical System Alert

The firewall has flooded the system logs with the following message:

Traffic and logging are resumed since traffic-stop-on-logdb-full feature has been disabled.

 

Software Version- 8.0.3-h4

Model: PA-3020

 

Disk space looks fine:

 

Filesystem            Size

...

Incorrect User-ID

Hi all,

 

I'm having an odd issue.  I have global protect configured and using Okta (saml) authentication.  Now everything is working fine except that a handful of users have the wrong user-id.  All users are expected to have their email address as the

...

Resolved! Identical Rules on 2 Firewalls

Hello

 

Is there a way in which I can see which security rules are identical on 2 Palo Alto Firewalls?

 

Probably with Migration Tool or something?

 

BR,

RJ

Resolved! PanOS 8.1.5 No SNMP ifInOctets/ifOutOctets

We recently upgraded our firewall to version 8.1.5 and noticed that SNMP data traffic monitoring stopped working. If we get de SNMP values, we receive this informations:

 

 

IF-MIB::ifIndex.9 = INTEGER: 9 IF-MIB::ifDescr.9 = STRING: ethernet1/4 IF-MIB::...

Resolved! DNS is changing?

Anybody has hear about it and are PA firewalls effected by it. It seems they are making some changes to its functioning. Does PA application supports the said change?

  

https://dnsflagday.net

______________________________ What is happening? The curren...

raji_toor by L4 Transporter
  • 3733 Views
  • 3 replies
  • 0 Likes

GP+DECRYPT+MFA

 

Hello,

 

I have been playing around with this setup:

 

- user connect to internal network with globalprotect

- initiating any connection to internal resources trigger ether a redirect to captive portal for MFA challenge or a global protect popup with the

...

norbhinn by L1 Bithead
  • 1957 Views
  • 2 replies
  • 0 Likes

Resolved! Application changed color in ACC.

Hello,

 

I changed a timeout value on an application and then changed it back to original setting, after this:

 

The application show up in a greenish color (like the support info button color) in ACC

The application lost its category and sub-category. Bo

...

norbhinn by L1 Bithead
  • 2235 Views
  • 2 replies
  • 0 Likes

Resolved! LACP question

I was given this design to implement on our PA 5050's. This would be to segregate a user segment (4500x-VSS) from the data center (7K's vpc). Can anyone tell me if this is a valid LACP connection? I have never seen it done without a Stacking or VPC l

...

Capture.JPG
jstalone by L0 Member
  • 1868 Views
  • 1 replies
  • 0 Likes
  • 23986 Posts
  • 115 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2025 - Palo Alto Networks