General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

SSO Error when Accessing KB or Supportcases Portal

Hello all,

 

Recently (these two weeks) I have encountered SSO Error when browsing to KB & Support Case pages which I don't have such issue before.


https://knowledgebase.paloaltonetworks.com/

 

https://supportcases.paloaltonetworks.com/_nc_external/i

...

SeanDeHarris_0-1657263836839.png

Captive portal SSL decryption policy requirement

Hi,

 

PAN has the following document [1] which says you need to have SSL decryption in order to redirect SSL pages to captive portal.

To me it doesn't seem to be accurate. Response page [2] workaround seems to be doing the same i.e without having an SSL

...

CRL Distribution Point (CDP) Config

Is there a place in the PAN-OS to configure the CDP address or does it only learn it from the certificate? We have a new CDP we are testing and have added it's IP to our cert but the firewall is not attempting to contact it, only the second one. Is t

...

LEEF Format

Dear Team,

 

Appreciate your feedback as we facing challenges with LEEF format when we configure a Syslog server with a custom log to allow integration with the Qradar SIM solution.

 

We use the same format as mentioned on the IBM website below,

http

...

Dual ISP Global Protect Redundancy

Hi Team, 

 

I hope ye all are well. We recently worked a case for a customer that had dual ISP configuration and wanted the Palo Alto Networks device to provide redundancy for the Global Protect Portal and Gateways in the event one ISP went down. We ca

...

interfaces.PNG
loopback.PNG
natRules.PNG
VirtualRouters.PNG

ESA | ELA When license price is increasing

Dears,

If we get an ESA / ELA let's say for 3 years, we pay the hardware, and then we would pay an initial price for support and licenses. Next, If the list price of support and /or licenses increase during these 3 years, and then we buy more hardwar

...

ftesta77 by L0 Member
  • 550 Views
  • 1 replies
  • 0 Likes

Error Handling in Custom Playbooks

Hello all,

 

To handle with different types of playbooks and tasks, is there any implementation method or best practice guide to identify errors in playbooks. If a task or subplaybook stucks in main playbook I want to get informed about it and handle

...

UmutAK by L1 Bithead
  • 518 Views
  • 1 replies
  • 0 Likes

Nuevas ISO 27001, 27005 y 27005

Como las nuevas versiones de las los estándares ISO 27000 se integran en la realidad de la seguridad de la información, y como se llevaría mejor su implementación?

#ISO27000

#ISO27001 

#ISO27002

#ISO27005

 

focampo by L0 Member
  • 462 Views
  • 1 replies
  • 0 Likes

Resolved! DNS security question

I have a question about DNS security and what exactly it does. For example, if I configure all DNS security domains to "sinkhole" but we already have our URL filtering profile blocking all of these domains already is configuring DNS security redundan

...

Claw4609 by L2 Linker
  • 923 Views
  • 4 replies
  • 0 Likes

Resolved! Help with DNS?

Hello Live Community. 

 

I am in a bind. I have all of our clients on networks using DHCP from our Palo Alto and pointing to Googles servers for DNS. Very quick and slick. unfortunately I need all computers, tablets, phones, etc... to see a server in

...

JCMoritz by L0 Member
  • 769 Views
  • 3 replies
  • 0 Likes

Yealink voip phone Busy Lamp Field

I have a palo alto 220 on OS 10.1 and recently put in yealink phones that access the phone servers through our ISP. Everything works except for a function called 

Busy Lamp Field (BLF)

BLF is an acronym for Busy Lamp Field, which is a light on an IP

...

Resolved! VM monitoring sources attributes/annotations

Does anyone know more on the use of the "annotation" field for use in a dynamic address group from a vm information source?

Can the notes or tags field in the summary tab in vCenter be used to apply custom annotations? Any assistance on the syntax wou

...

vc.jpg
dag.jpg