General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Threat Vector, a Unit 42 Podcast, is Now on LIVEcommunity!

We have some exciting community news to share: Threat Vector, a Unit 42 podcast, is now on LIVEcommunity!

 

Threat Vector is your compass in the world of cyberthreats. Listen to this biweekly podcast to learn about unique threat intelligence, cutting

...

jforsythe by Community Team Member
  • 322 Views
  • 0 replies
  • 0 Likes

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question. Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

JayGolf_0-1691518400714.jpeg
JayGolf by Community Team Member
  • 3678 Views
  • 2 replies
  • 14 Likes

I want to block PotatoVPN ( Threat ID 86751 )

 

I want to be able to block PotatoVPN Traffic. I am successful in most of my other VPN threat hunting safaris but this one is fairly new and my current rules don't capture this little guy.  Has someone out there created a policy that successfully bl

...

upgrading PAN-OS

Hi 

 

I want to upgrade the 8.1.x to the latest version , after two upgrade stay on 8.1.24. I tried to move to 9.0.X but failed. Could you please let me know how I can upgrade to 9.x? (As information that I have find need the Preferred release It mea

...

Resolved! VPN traffic capture

Hello,
I need to capture what passes through a VPN site-to-site tunnel. I'd like to see the tunnel and not the ESP.
With tcpdump you can use the command "tcpdump -i enc0" which decrypts the ESP.
On Palo Alto, what is the equivalent command? Because wit

...

Python script not working on PANos 10.2

Good Day,

I currently extract custom reports for the strata firewall running PANos 9.1.x and 10.1.x using Python but I am having a problem running the same python script on PANos 10.2.x

 

Has anybody else encountered this problem?

Lance by L2 Linker
  • 347 Views
  • 1 replies
  • 0 Likes

AD Groups not working in Policies

Hello all, this sounds very similar to a previous post I found on here but I could not see a resolution. Very basic. I am trying to block or allow a domain user from the internet, from LAN zone to WAN zone. This will not work if I have domain\user in

...

GWynn_0-1694757547028.png
GWynn by L3 Networker
  • 2198 Views
  • 20 replies
  • 0 Likes

Enterprise PKI Cert Chain Error

Hello 

 

we have our enterprise CA and our PA firewalls have signed certs from it. Now for our captive portal, we also have a certi signed from our enterprise CA. Everything works and there is no browser error for certificate.

But in the FW commit, we g

...

Azure SAML authentication not Happened via GP Agent

Hi All,

We have implemented the SAML two-factor authentication for Global Protect users.

 

We have tested via browser for SAML authentication, and the page successfully redirected to the Microsoft sign-in authentication page. After signing in, the Tw
...

GlobalProtect IOS stuck

Good day,

 

After updating to10.2.1 and 6.0.2 GlobalProtect client I could not connect to VPN.

The problem was occurred for one endpoint. So I used the second one to connect and update the client.

 

Also the DNS(for split tunnel) was not work. I had to ma

...

Pantelis by L1 Bithead
  • 6586 Views
  • 18 replies
  • 0 Likes

Resolved! ping between vyos router and pa-vm not working

Hey all.

 

I'm starting my PCSNA journey and I've been going through CBT Nuggets and have setup the CBT Nugget lab.

My 1/6 interface 23.1.2.15/24 cannot ping my vyos router ip at 23.1.2.1/24 and vice versa.

I have allowed ping via the interface manag

...

Resolved! Site flagged as GRAYWARE (help!!)

I have detected that my website alde.es has been marked as grayware and it must be a mistake.

It is a very simple website of a non-profit university association that has no advertising.

 

I have checked everything on the server, updated plugins and w

...

PA-3020 AutoCommit fails - commit force fails

Hey all!

I have a problem with my second passive PA-3020. (7.1.7)

We had a loss of power so the firewall was shutdown hard.

When it's booting now, the autocommit fails.

When I do a commit force, it says: "Threat database handler failed".

Then I stumbled o

...

MPI-AE by L4 Transporter
  • 17040 Views
  • 11 replies
  • 0 Likes

UserId Mapping Issue - Regex Issue

We have a user id mapping coming initially as useraname@company.com as we are moving away to a different authentication, the username is coming as company\username and we were inserting default domain as the domain of the company.

 

we were getting u

...

NiteshS by L2 Linker
  • 461 Views
  • 0 replies
  • 0 Likes

ZTP stuck at Connected no

I have a pair of 3410s that I am trying to onboard through ZTP. I have gone through the steps of setting up a cert on the PA and registering the firewalls. However the device state in panorama shows disconnected. I can confirm that the firewalls can

...

  • 24192 Posts
  • 100 Subscriptions
Top Liked Authors
Labels