General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! Single vWire to Multi vSys

Hello,

 

I wonder if someone can help - I currently have a firewall deployed in a vWire configuration, however the requirements for the site are changing and we now need to utilise the Multi-vSys feature.

I've had a look but can't see any information th

...

lscott01 by L0 Member
  • 2056 Views
  • 2 replies
  • 0 Likes

Resolved! Troubleshooting Slowness with Traffic, Management

Hi,

 

I am reconfiguring my PA-100 VM, as i am changing the network design, but after i changed the interfaces IP, Router configuraattion, NAT policy, and security policy. I cannot get to internet and in monitroing end reason is "aged-out"

 

From CLI i c

...

GWASSEF by L1 Bithead
  • 3586 Views
  • 6 replies
  • 0 Likes

Resolved! How to create an internal type NAT?

Hello folks,

 

Not sure if my question is worded just right, but here goes. 

 

We have a partner company that has a Juniper NAT type of device plugged into our PA 3020 that does a NAT to a server in there environment, which we communicate with fine usin

...

PANAT.jpg
OMatlock by L4 Transporter
  • 1579 Views
  • 6 replies
  • 0 Likes

Hands on Palo Alto practice

Hey Guys,

 

I'm looking for a place I can practice using a PA firewall without actually purchasing one. Are there any rentals like INE's rack rentals for other technologies?

Willjdm by L0 Member
  • 1423 Views
  • 2 replies
  • 0 Likes

Resolved! push the commit on one member of the cluster only?

Hello,

To test the link monitoring of the high-availability, i want to shut one interface on the active member.
I set up the interface at down but i do not find how to do the commit on the active member only.
Is there a solution to push the commit on on

...

pmartyn by L1 Bithead
  • 1811 Views
  • 5 replies
  • 0 Likes

U Turn NAT from External to Internal with FQDN Object

I know how to create a standard U-Turn NAT from outside to inside and that works fine as long as the INTERNAL object is an IP Netmask address.  On the NAT Policy Rule the Original Packet is a static IP on my external facing range.  The Translated Pac

...

TNaami by L1 Bithead
  • 1227 Views
  • 1 replies
  • 0 Likes

GlobalProtect Certificate Profile not on Gateway and Portal

Is there any specific why someone would configured a certificate profille only on a GP Gateway and not on a GP Portal  (or vice versa)?

 

In tutorials or videos, I've always seen it configured on both, but on some networks I've seen people only configu

...

ce1028 by L4 Transporter
  • 699 Views
  • 2 replies
  • 0 Likes

Resolved! Policy behaviour change

Hello,

 

We know that policy behaviour changed from version PAN-OS 7.1 as per the link below.

 

https://live.paloaltonetworks.com/t5/Configuration-Articles/PAN-OS-7-1-Policy-behavior-change-application-default/ta-p/75664

 

However, we upgraded from 8.0.0 o

...

Farzana by L4 Transporter
  • 865 Views
  • 2 replies
  • 0 Likes

Traffic for frontapp.com getting blocked

Hello,

 

We need some assistance in allowing URL: https://frontapp.com through our FW. It is hitting the interzone-default policy and getting blocked. We made sure the category: computer-and-internet-info is allowed. Also, tried adding *.frontapp.com i

...

Policy.jpg
LogView.jpg
Deny-Traffic.jpg
Farzana by L4 Transporter
  • 933 Views
  • 1 replies
  • 0 Likes

Raw log file extraction

Hi All , 

 

Can anyone tell how to extract  old the log files from CLI , is there any dirctory to reach which contains log file please provide us the path . 

Himarya by L1 Bithead
  • 2574 Views
  • 5 replies
  • 0 Likes

SNMP problem

Hi everyone

 

I have a palo alto device with snmp configuration to send snmp packets when something happen (for example when an interface is down or up), the problem is when an interface is down the snmp server does not see snmp packets and if I make a

...

snmp.png
SergioHV by L0 Member
  • 676 Views
  • 1 replies
  • 0 Likes

How to deploy CA Palo Alto for non-join Domain!

Dear All,

 

we have done to install PALO ALTO 3020 on our network, but I have a problem as follows.

Now I have minimum 150 PCs not join the domain, and we need to deploy the CA for all of them by the automatid way!!! 

everyone from this PCs has a User Na

...

MOsama by L1 Bithead
  • 1833 Views
  • 7 replies
  • 0 Likes

Multi Rule Edit

Is there a tool out there to perform multiple rule edits? OR am I forced to do a "find & replace" method by copying CLI? In this case, I'm trying to enable log session at end for all rules. 

nicford by L2 Linker
  • 1088 Views
  • 2 replies
  • 0 Likes
Top Solution Authors
Top Liked Authors