General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Stuck in Failsafe bootloader after reboot

I rebooted a PA-850 after installing a firmware update and it is now not responding. I managed to get on via OOB management and its reporting DDR3 CRC errors.

 

Welcome to the PanOS Failsafe Bootloader.
 
U-Boot 8.0.3.0-55 (Build time: Jun 13 2017 - 17:1
...

welly_59 by L3 Networker
  • 2436 Views
  • 1 replies
  • 0 Likes

Dear PA re Active Active

Hi

 

Lots of people say stay away I tried.

 

BUT PALOALTO PLEASE DON'T ADVERTISE THIS AS A WORLING PRODUCT CAUSE IT AIN'T.

 

to any one thinking of A/A please test and test again will fail over.  Pull one of the HA1 or HA2 cable ..  the system can't handle

...

Keep Username for Two-Factor-Authentication Global Protect

hey

 

i am configuring two factor authentication,

1) portal with certificate

2) gateway with OTP

 

i have noticed that i can authenticate to the portal with user "A" and than on the gateay i succesfully authenticated with the OTP of user B (username & pass

...

minow by L4 Transporter
  • 6274 Views
  • 8 replies
  • 0 Likes

Adding ip to interface no coming up

Hi

 

Okay i have an address object say ip-dgw

it was 10.21.18.129/24

 

its assigned to ae19.18 and also 10.21.18.7 & 10.21.18.71 - they are ip's attached directly to the interface.

This interface is ospf active

when i change ip-dgw to 10.21.18.1/24 it apply

...

Resolved! PA drop the connection for IPTV- no sound and video

I have IPTV at home.

Rule is any app and any service bit i see that video has no pic and sound.

 

PA logs traffic,url and threat does not show packet drop.

 

then i removed all the security profiles and video and sound was working.

 

is there any way we can

...

MP18 by Cyber Elite
  • 4620 Views
  • 6 replies
  • 0 Likes

show counter interface management multicast packets dropped

show counter interface management


Interface: Management Interface
-------------------------------------------------------------------------------


-------------------------------------------------------------------------------
Logical interface counters:
-

...

MP18 by Cyber Elite
  • 4760 Views
  • 7 replies
  • 0 Likes

PAN-OS 8.1.3 in production environment?

Anyone running 8.1.3 in prod? I have a change window to upgrade this weekend from 8.0.3 to 8.1.x as we wish to make use of the split tunnel by URL feature in GP, but reddit has filled me with some horror stories

welly_59 by L3 Networker
  • 3210 Views
  • 7 replies
  • 1 Likes

Resolved! Pan(w)achrome stats collecting?

Hello folks,

 

We are going to be moving datacenter soon and changing our ISP.  We plan to consider a 1Gbps Internet line coming in.  Not sure of exact upload vs. download at the moment.  In preparation, I am being asked to characterize our traffic, co

...

OMatlock by L4 Transporter
  • 2718 Views
  • 3 replies
  • 0 Likes

Resolved! DOS protection alert test

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClL3CAK

 

I am using the above linked KB to create DOS profile and policy for a particular server, but i have not changed the defaults as i donot want it start actioning on it ri

...

raji_toor by L4 Transporter
  • 4500 Views
  • 8 replies
  • 0 Likes

Routing traffic from branch through HQ to vendor

 

Currently Im labing a situtation where I'll need to have branch users route to a vendor through HQ via IPsec tunnels. Users at my banch access can acesss Web/HQ services though the HQ firewall, but when accessing the vendor. Logs show from HQ the at

...

example.jpg
k.truex by L1 Bithead
  • 3535 Views
  • 2 replies
  • 0 Likes

Monitoring VPN tunnel status

Hi,

 

I would like to monitor VPN is UP using NAGIOS. I think its necessary configure tunnel monitor for this, right??? what are the options to monitor VPN is UP? and monitor config profile.

BigPalo by L4 Transporter
  • 2431 Views
  • 3 replies
  • 0 Likes

Log s for Firewall generated Traffic

Hello All - I am not seeing logs in the monitor section, when i generte traffic from Paloalto Firewall itself. For example,  when I ping 4.2.2.2 from the Firewall, i am not seeing logs showing for.

 

Is it a known behavior? or i missing something? is t

...

  • 24034 Posts
  • 102 Subscriptions
Top Liked Authors
Labels