General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! after 11.1.5-h1 update, 11.1.5-h1 missing from software list

I recently updated to 11.1.5-h1 on one of my firewalls and the software area updated to show the base versions and previous preferred versions we were running but I am not able to see that I am actually on the 11.1.5-h1 version. I assume it isn't listed since it isn't preferred but then how do I know for sure what version I am running? Do I need...

Setting Up a Remote VPN using Connect Before Logon

Looking for some assistance as I am building out a remote vpn using Connect before logon for my Palo Alto. Does anyone know a simple, easy way to set this up with LDAP. Some article are outdated and some are inconsistent in their approach verse other documents. Appreciate the help.

Unable to commit changes

Hello team, i have been facing the below error when trying to commit changes in palo alto firewall pa-1420 invalid local dhcp setting for monitor destination 8.8.8.8 (module routed client routed phase 1 failure please help.

GlobalProtect fails to connect to backup gateway when portal is down

Hello, PAN-OS 8.1.4; GP 4.1.6I am using only the one VR with dual gateways and ECMP routing enabled with WRR (Weigthed 1/4 (WAN1=50, WAN2=200).I have one portal configured for WAN2. I have two (2) gateways; one on WAN2 and one on WAN1. When WAN2 is up, I can acces the portal and the gateway on that interface.When the portal is down (WAN2), and ...

Hardening Guide for PAN NGFW and Global Protect

For compliance reasons, specifically StateRAMP (and likely FedRAMP in the distant future), I'm looking for any hardening guides or STIG for the PAN NG-FW and Global Protect or even general best practices. I feel odd asking for "security hardening" for a security solution, but I'm just making sure all bases are covered. I've found a couple t...

malmgren by L0 Member
  • 2800 Views
  • 1 replies
  • 0 Likes

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource

LIVEcommunity is thrilled to introduce its new Support FAQ section, designed to help Palo Alto Networks customers quickly resolve their common queries. You'll find this new area under the Articles section of the main menu: Our goal is simple: provide clear, comprehensive resources that address your most frequent issues. Using data-driven ...

kiwi_0-1719493645523.png
kiwi by Community Team Member
  • 3035 Views
  • 2 replies
  • 1 Likes

Firmware upgrade ver from 10.2.10 to 11.1.x.

Hi Support,Our organization is in the process of upgrading the firmware of Palo Alto 460. We are now on 10.1.10. We would like to upgrade to 11.1.x. I would like to know which is the recommended version. There is always a dilemma of which version is the best and have minimum vulnerabilities. By reading various documents it is more confusing to u...

how to uninstall global protect when it keeps reinstalling even after i uninstall it (i have admin)

Hi there, Ive tried to uninstall gp from my computer, however, it keeps reinstalling. I have tried deleting all files related to gp (e.g appdata gp files and gp program files). ive also tried this method (link is below) but it doesnt work as it keeps reinstalling. Does anyone know how to uninstall it permanantly? https://knowledgebase.paloal...

Mulit-Vsys setup with Wildfire

Hi Friends, We are planning for a multi-vsys PA setup, where one vsys will have only L3/L4 policies and second vsys will be in L2 bridge mode with Threat prevention features only. Vsys1 will only scan L3/L3 policies while vsys2 will scan traffic for any threats. We believe this is logically possible solution, need some clarity on integrating W...

Site blocking under music category

Hi Team, One Visa processing URL blocking under Music category in my firewall. I ready added the this site into allowed list. But still blocking under music category. How to allow this URL make acces withough enable music category.

IPsec tunnels to multiple peers with overlapping remote networks

Say I have site-to-site IPsec tunnels from my Palo to 2 different peers. How do I handle the case when the 2 peers have the same or overlapping networks? Do I ask one of the peers if they can NAT their network to something that doesn't conflict with my other peer? What if neither peer is able to NAT?  

ipsec_overlapping_remote_networks.png

GP Always on VPN - Except if on internal LAN?

Is there a way to implement this? I have seen the internal host detection option but as far as I can see that is only to choose whether you connect to an internal or external gateway.I want all remote site users to go through the Palo Alto, but I can achieve that by routing alone. I dont see what I would be achieving by forcing vpn while on inte...

welly_59 by L3 Networker
  • 4409 Views
  • 3 replies
  • 0 Likes

GlobalProtect Always On Issue

I am currently testing GlobalProtect Always on, I have configured to operate at user logon. The issue I am having is that on start-up of my laptop, on my corporate network I am prevented from any network access. If I connect to my public WIFI and connect GlobalProtect and can access my network ok. Reverting back to my corporate network and it th...

rossm by L1 Bithead
  • 6365 Views
  • 8 replies
  • 0 Likes

how to add certificate global protect for ipad

Hi everyone,"I'm stuck at step 7 (7- Settings > Profile downloaded >"Im stuck in" Install > Enter phone Passcode > Install > Install > Install >Done),When I install the certificate, it shows a notification that it cannot be verified "not verified' When setting it up, there is an additional message: 'The authenticity of "myna...

HAINVH by L1 Bithead
  • 1929 Views
  • 4 replies
  • 0 Likes
  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels