This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4474 Views
  • 0 replies
  • 0 Likes

SSL Decryption

Hi guys,Nowadays I am playing with a PA-VM (no license) and decryption policy. Basically there are many articles and that explain how Decryption policy works and how to set it up. I have checked and double checked my setting and I cannot make facebook.com for instance work when I enable the Decryption. Here are the rules:Decryption RulesSecurit...

PaloForum-Decryption.JPG
PaloForum-Security.JPG

Resolved! User Credential Detection- False positive

What method is everyone using to handle false positives for credential phishing? Does everyone just create a custom URL category and drop in the sites where users use corporate email as their user ID?

Windows 10 Release Cycle and Global Protect Client

Hi All, I'm currently working in an environment which is trying to keep up with the latest Windows 10 release cycles with their Windows as a Service model which brings out releases every 6 months. We have found that with our AV products, our vendor has struggled to keep pace the Microsoft's development of Windows 10 and as a result we have had...

NQ1234 by L0 Member
  • 7334 Views
  • 3 replies
  • 0 Likes

Firewall migration, testing rules

Is there a way to test the rules on a new Palo alto vs the existing firewall it will be replacing without affecting traffic? Something like TAP mode but that can block traffic like an in production firewall?

gonzox98 by L0 Member
  • 2916 Views
  • 2 replies
  • 0 Likes

VPN site-2-site configuration and OSPF

Hello forum members, I have been testing the VPN site-2-site configurations on my Palo Alto VM lab, prior to deploying on our production environment. I have successfully set up a VPN connection where both firewalls use static routing. Trouble I'm having now is setting up the VPN connection where the 3rd party site uses static routing and my corp...

topology.PNG
interfaces.PNG
tunnel.PNG
VR.PNG
rchung54 by L2 Linker
  • 9361 Views
  • 10 replies
  • 0 Likes

Resolved! ping from vr

All, is there an easy way to designate a vr as aq source when pinging ? Like ping host a.b.c.d virtual-router myvr ?So far I only found a way to specify a source interface but the I need first look up a source interface in the specific VR. Any easier way ?

lafrank by L0 Member
  • 9519 Views
  • 5 replies
  • 0 Likes

A few questions

I am planning to install another vsys in the 7080 firewall my queries how many max vsys can be created for the 7080 firewall How may Site2Site tunnels it supports for each VsysHow many RAVPNs it supports for each VsysHow many connections it can handle for each Vsys ( in respective to RAM and CPU )\ is there any downtime required for creating t...

HemanthV by L2 Linker
  • 2363 Views
  • 1 replies
  • 0 Likes

Virtual Wire migration

Hi All.I am in a postion that we would like to migrate our current cconfiguration of multiple trunk 10g links supporting a vlan with subinterfaces and vsys's to virtual wire mode on the existing chassis, (i.e. 7050, or 5060). As I understand it, we would need at least 2 interfaces for each trunk for both sides of the vwire, and then have matchin...

dwmaas by L2 Linker
  • 3168 Views
  • 2 replies
  • 0 Likes

Resolved! Multiple routes to a destination-

I think I know the answer for this question but would like to confirm with anyone who actually imoplemented this. I have a static route with destination 10.237.102.143/32 going through tunnel 10 . Now, I would like to have a staic route to 10.224.0.0/12 through tunnel 20. As per my understanding, any traffic destined to 10.237.102.143 will take ...

LACP Pre-Negotiation 3260

Is this supported or not?It can be configured, but rumors floading around the internet says that there is a part in the panos 9 that says support for pre-negotiation will be added for some models, among those 3200

hbalzac by L3 Networker
  • 3405 Views
  • 2 replies
  • 0 Likes

Palo Alto with Ansible

Hi, I am trying to configure palo alto with ansible. the normal ping and ssh connection is fine but the "ansible -m ping all" command is returning error that the "ssh authentication failed". How is that possible, if the normal ssh is working fine. Please tell the steps to configure ansible with palo alto or any supporting docs. Thanks

suny211 by L0 Member
  • 4338 Views
  • 2 replies
  • 0 Likes

Resolved! Routing Traffic between two VR's and Bytes Send and Receive info in GUI

I was Testing the Connectivity between two end points for Testing Purpose only Server(10.50.50.1)--------Sw1---------eth1/8----- PA-------------eth1/7-----------------Sw2-----------User PC(10.7.7.6) PA VR1 has interface Eth1/7PA VR2 has interface Eth1/8 Server IP 10.50.50.1PC IP 10.7.7.6 Sw1 and Sw2 has point to point connections with PA. 1>...

MP18 by Cyber Elite
  • 3780 Views
  • 5 replies
  • 0 Likes
  • 24379 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks