This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Resolved! Session Timeout Settings

Hi,

we are using a PA environment in combination with Bluecoat Proxy SG for caching and user authentication. Bluecoat describes on his knowledgbase KB3323 the differences for session timeouts on proxie servers and firewalls.

From our proxies I have man

...

PA System Logs

Dear Expert ,

 

I need to get all System messages of PA in case of the below Events

 

  • CPU Errors, warnings.
  • Memory, RAM utilization warning, problem.
  • Hardware failure, problem. .(Physical Events)
  • Links , interfaces down.
  • Processor warning.
  • Disk warning.
  • Fan wa
...

hi Community

Hi all,

 

We have upgraded globalprotect version 3.1.4 to 4.1.2. Its connected successfully . But after some time it saying portal not available. username take as portal name. anyone experience with globalprotect 4.1.2???

Resolved! Palo-Cisco VPN Logs

Im setting up a s2s vpn between a Palo and a Cisco ASR. The GUI is showing it all as up - green lights and ike tunnels. But the logs are showing the below:

 

IKEv2 child SA negotiation is failed message lacks KE payload

 

I am not sending traffic down th

...

welly_59 by L3 Networker
  • 5621 Views
  • 5 replies
  • 0 Likes

Custom HIP Check for Linux

Hey guys,

 

I've been tasked to have Globalprotect only allow company owned devices over the VPN. I know I can create custom HIP checks for Windows/Mac (reg/plist value). How would I do the same for Linux clients?

 

I have two end users that work remote,

...

Unable to find interface configured in vm machine in vmware

I’m new to Palo Alto VM series deployment and it’s the new project .. we’re trying to deploy Palo Alto HA in VMware environment . Deployed ovf template and configured management interface . Connected to GUI and all looks ok . But I’m not able to conf...

Hari007 by L1 Bithead
  • 4759 Views
  • 6 replies
  • 0 Likes

Resolved! DH group 15 IPSec tunnel

Hi

I must build up an IPSEC tunel between PA and Watchguard XTM. The other Side gives me ike phase where DH Group is 15.

 

On PA I only can choose Group 1—768 bits, Group 2—1024 bits (default), Group 5—1536 bits, Group 14—2048 bits, Group 19—256-bit ell

...

PPTP VPN can not be connected to external devices

I have built a VPN server in company domain and I have tried to connect it in the domain computer. Now I need it can be connected to external computer. I have search many information in Internet to know how to do this setting in firewall. But it stil

...

Jacky.Yi by L0 Member
  • 2299 Views
  • 2 replies
  • 0 Likes

Resolved! Radius authentication for Global Protect

Hi community!

 

I have encountered a "problem" with our Global Protect authentication while we were doing some maintenance works.

We have an Authentication Profile with 3 RADIUS servers for authenticating the users, and the number of retries is set to 5

...

Feature request thoughts - around nat selection

Hi

 

I have 2 NAT pools, actually 4, cause for HA each pool is doubled - does that make sense.

 

1 pool is on a.b.c.13 and the second is on a.b.c.113.

 

All good. what I would like to do is say

 

going out internet interface from src group "out via non prod"

...

DNS Proxy in Active Active cluster setup

Hi

 

I am looking to setup 2 IP address I want to use for DNS proxy  - I was planning on having each ip as a HA VIP - in fail over mode - 1 priotised to one node and the other to the other node

 

Then I tried to setup the DNS proxy -  can't attach it to

...

Routing issues LDAP AD server profiles

Hi, Im trying to set up Group mapping and foudn an interesting issue that I wabnted to put out here see if theres any ideas that can help us out. This is the situation:

 

Hardware

  • ethernet1/12 is trunk with subinterfaces
  • ethernet1/12.2 vlan 2 tagged subi
...

rcaduser by L0 Member
  • 1973 Views
  • 2 replies
  • 0 Likes
  • 23710 Posts
  • 104 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks