General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! Cannot access HTTPS sites using non standard ports

Hello,

 

When we switch the connection to a 4G connection, was able to connect to the URL without any issues:

wget https://www2.medicareaustralia.gov.au:5447/ --no-check-certificate

--2017-12-06 10:39:16--  https://www2.medicareaustralia.gov.au:5447/

Reso

...

ND.jpg
1.jpg
Farzana by L4 Transporter
  • 7166 Views
  • 9 replies
  • 0 Likes

WLC 5760 with iOS XE and user-id problem

Hi, 

Please can anyone guide me how I configure WLC send username and IP for (kiwi server as trap) or syslog direct to PA to help me get username and IP information for my wireless users?

 

Thanks in advance!

Mike

Resolved! Configuration of PA's - Internet Circuits

Folks,

 

I'm new to the PA's, so I wanted to present this question for you.  I have two PA 5020's, in Active/Passive configuration shown above.  On each PA, eth1/4 and eth1/5 is in an aggregate group.  I have two Nexus 9504's as our core switches.  I t

...

2017-12-09_19-34-15.png

Security Zone Site to Site VPN

Hey guys,

 

We do have a headquarter and a branch office.

 

All services are located in the HQ, in the branch office there are just workstations that access the services of the HQ.

 

So I have to set up a site to site vpn connection between the BO and HQ.

 

...

MPI-AE by L4 Transporter
  • 2911 Views
  • 11 replies
  • 0 Likes

URL Logs from 2 weeks ago

we currently installed a PA-3050.  

 

i'm trying to do a URL search on our URL Filtering logs, but into goes far back as today.

 

i'm looking for something about 1 - 2 week ago.  How do we do that.

 

 

thanks

 

Mark

weblogin by L0 Member
  • 1096 Views
  • 1 replies
  • 0 Likes

LOGS for Troubleshooting

There are few logs are residing in palo alto firewall,  respective of Data plane and managment plane, I wanted to know about each logs representing for which process/tasks, it will help for troubleshooting.

 

sivavelu by L0 Member
  • 1268 Views
  • 2 replies
  • 0 Likes

Services list

Does anyone know if there is a list of services that come on the PA 5050 by default? I am in the process of removing unused service from my PA

jdprovine by L4 Transporter
  • 2700 Views
  • 14 replies
  • 0 Likes

Resolved! Pulling and Changing Configurations through SNMP

Is there any way to pull a configuration or upload a change to Panorama or a firewall using snmpget?  I know you can do something like this with routers and switches but didn't know if you could do it with Palo Alto firewalls.

 

Thank you

IPSec crypto settings

So for globalprotect there is one network profile  IPSec Crypto which is globalprotecte IPSec crypto. So the other IKE Gateway and IPSec crypto are for peer to peer vpn tunnels that are not related to the globalprotect tunnel at all?

crypto.PNG
jdprovine by L4 Transporter
  • 1127 Views
  • 2 replies
  • 0 Likes

Resolved! Interfaces/zone associations lost after commit

Hello guys,

 

I have a couple of PA-820 (PanOS 8.0.3) who has been imported to be managed via Panorama.

Since that, everytime I make a "Push to devices", they lose the association between 2 interfaces and the zones and I need to fix them manually.

 

I gue

...

Shye80 by L1 Bithead
  • 2193 Views
  • 2 replies
  • 0 Likes

Resolved! How to make a passive miner

How would one create a miner that listenes for data instead of actively retrieve it ? (For example a miner that serves a rest endpoint so another application can send data to it)