This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4230 Views
  • 0 replies
  • 0 Likes

Security +

I’m studying for the Security + Exam. Any suggestions so I can pass the exam. I plan on taking the exam in February 2019. Thanks in advance

ShiemB by L0 Member
  • 3517 Views
  • 3 replies
  • 0 Likes

Credential Phishing Prevention with SSL

I'm planning to implement credential phishing prevention, but in looking over the documentation, all of the examples use HTTP and no mention is made of SSL sites. I would like to confirm whether it works or not, within the inherent limitations of SSL inspection. Additionally, if anyone has any tips or potential gotchas in implementing this, I'd ...

magates by L2 Linker
  • 5026 Views
  • 3 replies
  • 1 Likes

Assign Secondary Public IP address

We needed additional Public IP for SIP and web server hosting. My original IP was a single IP example "67.173.83.121\30". The ISP gave us another range to use 67.173.75.73\28. How can i add 67.173.75.73\28 range to my PA so I can apply NAT rules to it? Loopback interface? thanks

Problem with captive portal redirection for https

Hello there!I have Captive Portal configured in a firewall. Unknown users are redirected when attempting an HTTP site, but those users are not redirected to the Captive Portal page when attempting to reach an HTTPS/SSL site.The Captive Portal policy has been configured properly with options with 'service-http' and 'service-https', but browsing t...

Crednetial Phishing Agent Permissions

Does anyone know if the credential phishing agent requires different\additional permissions to the base User agent? I have installed with our 'standard' account and I get this in the logs:- 09/03/18 18:05:33:996 [ Info 2036]: ------------Service is being started------------ 09/03/18 18:05:33:996 [ Info 2043]: Os version is 6.2.0. 09/03/18 18:05...

apackard by L4 Transporter
  • 4453 Views
  • 4 replies
  • 0 Likes

VM-200- Upgrade from 7.1.x to 8.0.x

I tried to upgrade a VM-200 from 7.1.10 to 8.0.15 but it failed as we had 4Gb RAM. Is the requirement for upgrading to 8.0.x is 2xcpu,6.5gb –ram and 60gb.Is it the same if we upgrade to 8.1.x after upgrading to 8.0.x. Currently we have 40GB -- Can we resize this existing disk to 80GB on Hyper-v (VHDX) ? If we do so does PANOS automatically dete...

Resolved! Linux GP client

Now that there is a Linux GP client... How do we get it? Details:https://www.paloaltonetworks.com/documentation/41/globalprotect/globalprotect-app-new-features/new-features-released-in-gp-agent-4_1/globalprotect-app-for-linux The page Titled "Download and Install the GlobalProtect App for Linux"https://www.paloaltonetworks.com/documentation/41/g...

hshawn by L4 Transporter
  • 10010 Views
  • 12 replies
  • 0 Likes

Sub-Interface for one IP address

Hi There, I have a generic question about the Palo alto way of treating sub interfaces? Can I do sub interface on one of the physical interface for one netwrok address? for example, I did sub interface the ethernet1/5 as ethernet 1/5.123 and configured the netwrok 10.11.12.13/24 and no other networks exist on overall that physical interface. Con...

DHCP Options for Mitel VoIP

I recently replaced a Sonicwall with a Palo Alto firewall. One thing I could not get working are the DHCP options related to Mitel phones. I'm wondering if anyone has gotten these working. What the issue is that there are 3 options that are integers and the Palo Alto only supports IP, ASCII & hex. I tried converting the integer to ASCII and...

Trouble establishing IPSec to Cisco ASR 1001X

I'm working with a business partner and we've verified phase 1, phase 2 parameters. But this is what I'm seeing in logging after running test vpn ike-sa gateway: 2019-02-26 09:57:21.638 -0800 [PERR]: { 43: }: 77.77.236.54[500] - 207.99.97.218[500]:(nil) invalid ID payload.2019-02-26 09:57:23.588 -0800 [INFO]: the packet is retransmitted from 207...

How Set Up the VM-Series Firewall on XenServer?

Hello, everybody. I purchased the Vm-300 virtual firewall.I have installed XenServer 7.1 serversI would like to install version 8.0+ of the firewall on this virtualization platform. I have downloaded the OVA extension file, but the import of the virtual machine fails to import. Someone please let me know the correct way to configure the virtual ...

tls1.3 and required action?

I know I am late in posting about tls1.3.I have my permiter 5020s doing inbound and outbound ssl decryption. I'm currently on 8.0.13 and never had any issues. with tls1.3 coming this March, should I fear of breaking ssl connections and upgrade to later version soon? if so, what is the recommended OS? thanks.

Security Policy Application

Hello everyone,I'm hoping someone can help me understand why a security policy is not applying the way I thought it should. Here's what I have: I have each of our schools configured on different DHCP scopes. I then created an Address Object using slash notation for each of those DHCP scopes on the PAN. I then created a security policy per addres...

GCSS-RT by L2 Linker
  • 5907 Views
  • 10 replies
  • 0 Likes

Resolved! policy-deny website problem

Hey all,PA-3020 8.0.7I would like to access https://experimental-concert-research.org and I get "Secured connection failed"The traffic log allows those packets, but session end reason says "policy-deny".I have never seen this before.Can someone tell me what's the problem here?Thank you.

MPI-AE by L4 Transporter
  • 5153 Views
  • 4 replies
  • 0 Likes
  • 24355 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks