General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Active Active Setup PA-500

Hello

Could someone direct me or provide me with instructions on setting up twp PA-500's in an Active Active configuration?

Much appreciated and Thank You

RyanA. by L0 Member
  • 2730 Views
  • 2 replies
  • 0 Likes

How vulnerability profiles work

Hi Guys,

Please need your supprt in understanding how  vulnerability profiles work or in general how security profiles work.

I have done a lot of studying in this regard and all they say is that it works on the basis of signatures.Below is my understan

...

mahmoodm by L3 Networker
  • 1726 Views
  • 6 replies
  • 0 Likes

Resolved! SMB versions

I currently have ms-ds-smbv2 and ms-ds-smbv3 permitted but I am seeing ms-ds-smb-base getting denied.

 

What is ms-ds-smb-base?  Is this the same as ms-ds-smbv1?

 

Thanks!

 

 

SMB : SMB: User Password Brute-force Attempt

Hi,

 

my customer had a problem with this threat. They have a internal app which was failing when palo alto updates changed the action to reset-both. Customer told me that this problem started last 15/06 but i went to the PA updates mails and i didnt s

...

Resolved! How does link monitoring work in High Availability ?

Hi All,

 

I am working on the following HA design -

 

 

 

 

As you can see above, each firewall will have two interfaces connected to Juniper routers on the inside and outside zones. The firewall peers will also be directly connected to each other for the H

...

(Vendor - PAN) 40 Gig PRD Firewalls Topology (1).jpg

Issue with NAT over Site-2-Site VPN

Hi there,

 

I am reasonably good with Palo Alto Firewall however struggling with the NAT over VPN. I am trying to hide some internal IPs behind 9.9.0.1/32 and 9.9.0.1/32 is configured in Proxy ID as Local host. VPN phase 3 comes up but i think the way

...

nvirmani by L1 Bithead
  • 2305 Views
  • 7 replies
  • 0 Likes

Panorama Problems!

Any ideas how to fix the following error: Failed to establish SSL connection to Panorama Server: Port:3978? We are unable to view the logs on Panorama or push the firewall policy from there as a result so it's causing a few issues to say the least. A

...

Proxy server for PA services

Hello,

 

We are using a proxy server to control Internet access from internal resources, including the PA firewall. This proxy can only be used to reach external destination.

Also, we had to configure the proxy server on the PA device (Setup -> Services

...

Resolved! Delete VSYS configuration

I have a VSYS on my PA-5050 which is no more required and needs to be deleted.

What steps needs to be taken for this?

Is it unassigning all the interfaces in that , deleting all policies etc or do we have a proper step by step thing for this?

Thanks all

...

Vaibhav by Not applicable
  • 6193 Views
  • 5 replies
  • 0 Likes

Resolved! BGP filtering question

I am trying to migrate from RouterOS BGP setup.

 

I have filter rule like

chain=BGPINFilter-common prefix=10.32.0.0/14 prefix-length=14-32 invert-match=no action=discard set-bgp-prepend-path=""

 

basically it drops all prefixs for 10.32.0.0/14 down to /32

...

Resolved! License/Eula for GlobalProtect Portal client v3.x

We have a client that requires GlobalProtect for connecting to their network. Their site provides the installers which is version 3.1.1.27. We have an internal team that insists on receiving a license description or EULA for using the client binaries

...

Panorama standby password expired

Hi,

 

One of my accounts on Panorama standby doesn't let me login. I get "Password expired" message. I tired to change password for active unit and that still did not fix issue. I tired to delete and recreate account from active unit that still did not

...

junior_r by L3 Networker
  • 1357 Views
  • 6 replies
  • 0 Likes

xForward for IP

Does the Palo Alto support the xForward for IP in relation to content delivery networks? We have the content delivery network fronting traffic and in some cases we see requests coming back showing the CDN IP, we are more curious about the details aro

...

jhenkel by L0 Member
  • 689 Views
  • 1 replies
  • 0 Likes
Top Solution Authors
Top Liked Authors