This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Resolved! config push from panorama to HA PA

 

New configuration  is pushed from Panorama to a pair of firewalls that are configured as an active/passive HA pair.

will both PA active and passive syn theconfig ?

 

 

MP18 by Cyber Elite
  • 9010 Views
  • 2 replies
  • 0 Likes

Pre-Logon Machine Certificate placement

When doing pre-logon with machine certificate, where does the certificate need to be placed? Documentation says to put it into computer>personal, but i am unable to do this via GPO directly. Can it be placed into any of the other stores?

welly_59 by L3 Networker
  • 1760 Views
  • 1 replies
  • 0 Likes

Switch Redundancy at Access Layer

This is a bit off topic, but I thought some folks might have some knowledge and wisdom to offer. 

 

Where I work we're working dilligently to provide robust resiliency and redundancy for our firewalls using dual powersupplies, HA, and multiple ISP circ

...

locampo by L2 Linker
  • 7590 Views
  • 12 replies
  • 0 Likes

Problems with SIP

Hello

We have 3CX server - IP telephony inside the network.When we pass the SIP traffic through PA it gets problems

We try to connect through SIP :5060 port o outside server on ISP side but it doesnt work

we made application override and also disabled A

...

Radmin_85 by L4 Transporter
  • 2281 Views
  • 2 replies
  • 0 Likes

User-ID agent and SSL Error

I have been getting a ton of email alerts with issues with user-id agent and ssl connection errors even though the status is "green" showing "connected." I have verified the cert is valid and it is a self signed cert valid until Feb 2019. I have perf

...

Resolved! application dns and action reset both

 

need to understand deeply reset both action by PA for dns query in threat logs

I know PA send the tcp fin to both ends.

 

But client who is doing dns query if it does not get reply what does it shows there ?

does the client again makes query?

 

or does PA

...

MP18 by Cyber Elite
  • 4999 Views
  • 11 replies
  • 0 Likes

Resolved! suspend active panorama when passive panorama is rebooting

 

If passive panorama is going through reboot.

 

Active Panorama  shows passive panorama as unknown   

 

what will happen if i suspend the active Panorama ?

 

will all the firewalls connected to the Active panorama will get disconnected?

MP18 by Cyber Elite
  • 3032 Views
  • 6 replies
  • 0 Likes

Resolved! Source Users and Source Users Reported as "None" By FW

Hello,

I'm on version 8.1.2,  in ACC tab I do have a User Activity "widget" or pane that shows Source User, Destination User, Bytes, Sessions, Threats, Content, URLs and Apps. Always the Source User, presents "None" for Source User and also I see "Non

...

Restrict network access for mobile devices

Hello,

 

I have an environment where mobile devices are managed using MobileIron. I want to restrict network access such that the only mobile devices that can connect are managed and belong to a known user.

 

What is the best way to approach this problem

...

mikembau by L0 Member
  • 1829 Views
  • 1 replies
  • 0 Likes

Resolved! GlobalProtect - To which ethernet interface? WAN Facing?

Greetings,

I am setting up GP on a small home office PA220 .  I have a single E 1/1 Untrusted L3 interface that is internet facing.

My logic tells me this interface should have the GP configured on it.  However, the documentation and video turtorials d

...

catrock by L2 Linker
  • 4812 Views
  • 6 replies
  • 0 Likes

Almost all traffic identified as unknown-tcp?

We are seeing some of our Palo's periodically logging (almost) all traffic as unknown-tcp.

 

As the traffic is being allowed through (and logged against) rules that do not allow it we assume this is a problem with the logs, rather than traffic being mi

...

apackard by L4 Transporter
  • 4078 Views
  • 4 replies
  • 1 Likes
  • 23725 Posts
  • 104 Subscriptions
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks