General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Monitor->App Scope->Summary how to interpret "Top 5 Gainers (last 60 minutes vs yesterday)"

In Monitor->App Scope->Summary how should the report entitled Top 5 Gainers (last 60 minutes vs yesterday) be interpreted. Is iteg.1) last 60 minutes compared with same 60 minutes from yesterday2) last 60 minutes cpared with hourly average from yesterday3) ..... I am not able to find much info on this anywhere. Appreciate any feedback. Reg...

Test Cases

Hello we are planning to migrate from PAN OS 7.1 to 8.1. Is there a document or a list of tests that we can do to check if the migration was successful ? I mean we can obviously test if some critical servers are reachable but still any template would help here. Thanks and Regards,RJ

Resolved! CLI access to PA

@reaper, @BPry @Mick_Ball What could cause a superuser to not be able to ssh to the CLI of the PA?

jdprovine by L4 Transporter
  • 12802 Views
  • 31 replies
  • 0 Likes

Website issue.

Hi to everyone!We have one site - halqa.az, which I can't give access to.I have permitted everything on policies, permitted everything on decryption, still no success.What should be else permitted? Maybe some of you will be able to help me.Maybe there is any timeout issue or anything else.

Integration with Cisco ISE Pxgrid

Good afternoon! Does anybody know the integration with Cisco ISE Pxgrid? Does Palo Alto can act as pxGrid Client with Cisco ISE to apply TrustSec for SGT Bindings?Does Palo Alto support Cisco SXP protocol and act as Listener to ISE Pxgrid speaker? Thanks.

QOS setup to to guarantee vital services with free internet

Hi, I would like to configure QoS for our Internet data lines on our PA-220s as follows: - Internet line could be up to 100Mbps.- I would like to guarantee at least 1 Mbps to SAP- I would like to guarantee at least 2 Mbps to Office365- Give the rest to Internet Browsing. SAP and Offrice365 policies are already setup and match traffic.I have two ...

Resolved! Active Passive Panorama and commit failed

We have M100 in active passive mode. Everything is in syn between both M100 I logged on Passive M100 today and found that few firewalls show as commit failed. Then from active M100 I pushed config to those firewalls for testing purposes and all was good.Those firewalls show in syn with both active and passive M100 but on passive M100 it still sh...

MP18 by Cyber Elite
  • 2817 Views
  • 1 replies
  • 0 Likes

GlobalProtect client stopped working after upgrade from 8.0.7 to 8.1.2

Errors: globalprotectgateway-config-fail, description contains 'GlobalProtect gateway client configuration failed. User name: , Client OS version: Microsoft Windows 10 Enterprise , 64-bit, error: Matching client config not found. Once I removed the group from Gateway\Agent\Client Settings\User group, and selected any, users could login, no error...

Resolved! Issue with URL Category

We have just setup SSL decryption and added custom response pages on our firewall. We have a custom filter for shopping sites and the category is set to alert, if a user is a member of an AD group associated with this filter it works fine. We decided in our fall back filter to set the category to continue which would display a message and allo...

GlobalProtect Agent

Hi I want to know if there is a way not to allow old GlobalProtect Agent to connect to the Palo Alto network firewall?But allowing to update the client before logging on to the VPN? Thank you

Cyon by L0 Member
  • 2493 Views
  • 1 replies
  • 0 Likes

Rule Viewer

Hi folks, I was wondering if there was some kind of rule viewer, that can render the rules in a table from the exported files. Why I need this: Our managed service provider sends us an export of the firewall rules every month and we have to review them every 6 months. Since we don't have a Palo Alto ourselves this is very tedious. I have tried E...

JayArr by L0 Member
  • 4267 Views
  • 5 replies
  • 0 Likes

PaloAlto 3rd party captive portal integration

Hi! First of all sorry if this question is explained anywhere else; I've dedicated a few hours to browse docs and posts but I cannot find a proper answer. I work for a company that deploys hotspot solutions over premises using different hardware solutions. It turns out to be that we need to integrate Paloalto appliance in our solution. Our appro...

Inbound NAT with Port Redirection for port 443 using a single outside interface IP ?

My ISP only provides a single ip address for the outside interface via DHCP.I would like to forward port 443 to and internal host, but Palo keeps dropping the packets. It seems as if the device management restriction is responsible for this, but I have removed that policy from the external interface so I am not sure why this is getting filtered....

aarato by L1 Bithead
  • 3406 Views
  • 2 replies
  • 0 Likes
  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels