General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

SSL Decryption not working with Policy based forwarding

I have configured SSL decryption with one ISP which is configured via default route and it is working fine. I have another ISP and I configured to forward internet traffic from particular endpoints (same trust zone) to 2nd ISP, for this purpose i created NAT and a PBF rule for those particular endpoints, scenario was working fine till now. I wa...

8.0.15 How is it running

Hello Community,How is it running for those that have already upgraded? I would wait but the release of the recent vulnerabilities have pushed this forward for me. https://securityadvisories.paloaltonetworks.com/ Thanks in advance!

Template not showing up in Device Groups

Created template I have Templates showing up over Network and Device tabs. But when I commit there isn't a radio button for templates and when you look under Device Groups and click the group I created it in, the template does not show up. Panorama 8.1.4

ccall678 by L0 Member
  • 3182 Views
  • 1 replies
  • 0 Likes

QOS Policy config with Destination NAT Traffic

Hi, allHow can i set to config QoS Policy for Destination NAT Traffic from untrust to untrust zone.I searched for related knowledge but could not find it.which one is right?untrust to untrust (Public IP)untrust to trust (Public IP)untrust to trust (Private IP)Thanks.

hbshin by L2 Linker
  • 2808 Views
  • 2 replies
  • 0 Likes

Resolved! Security rules on middle level DGs

I have three templates in a stack and three levels of device groups. I want to create a leveled policies based on security zones. Let's say I have a secuity zone called GlobalProtect. Let's say I have:DG-Standard|-------DG-Management |-------------DG-ISOC I want to create GlobalProtect rules on level 2 of device groups. The problem i...

Resolved! Template stack and referencing security zones

Settings in a template cannot reference to another template even if in the same template stack. I want to simplify management of security policies based on security zones. Let say I have Template-Standard and then templates for each PA like Template-PL.I create a security zones LAN, Internet, GP, S2SVPN in Template-Standard and create necesary ...

Resolved! Putting a PA-4060 back into service

I recently aquired a PA-4060 from a recycling center. It appears to be fully functional without issue. It's currently on PAN-OS 4.1.12. How can I go about updating this device? I'd like to try and use it in my homelab for learning about Palo Alto products.

Resolved! External Email Server Filtering

We have a ListServ server which needs to accept email from a user hosted in Office 365. I would like to limit the security rule allowing the inbound traffic to only accept SMTP connections from the O365 mail servers. I know the list of those servers can be dynamic, so I was wondering if this is even possible, or if there is a more effective me...

PALO ALTO PAN OS 8.0

Hello Team,I am a SOC ANALYST , I wanted to know all the "Event name" that i can see on my SIEM. so i can make sure that i am seeing all the events. Please help. I want to make sure if any "Event Name" is missing.Currently I am seeing these "Event Names"Traffic CloseURL FilteringSession DeniedReceived conflicting ARP on interface indicating dupl...

Resolved! custom url filter action continue and ssl decryption

i have configured few custom url and action is set to continue.for some https websites i get response page and when i click on continue it works fine. for some https websites chrome shows error connection reset.PCaps on PA does not show any drops.traffic logs show session end reason threat and CLI shows discard. below is custom url where action ...

MP18 by Cyber Elite
  • 7409 Views
  • 8 replies
  • 0 Likes

ISP failover with Path Monitoring help? Incomplete Aged-out traffic issue. PA 3020

I am using a PA 3020. We have an ISP1 which is our main corp internet. We have an ISP2 which is also our active Guest network. I'm trying to configure ISP1 virtual router with Path Monitoring so that if fails pinging a group of IP's it fails over to ISP2 virtual router. Well I have configured Path Monitoring and can trigger it accordingly b...

Resolved! Command line

I have come accross and article that show some of the CLI commands for palo alto but there aren't that many listed. When I call into support they are able to come up with som many more anyone know where I can get a larger listing?

infotech by L4 Transporter
  • 8899 Views
  • 6 replies
  • 0 Likes
  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels