General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

MineMeld Advice/Lesson Learned

I will be installing and using MineMeld on a virtual REHL 7 Server. I was wondering if the community had any advice/lessons learned from the installation, use, and implementation of MineMeld at their organizations. Thank you!

How security policy - intrazone works?

Trying to use a Security policy with type intrazone and action is Deny (any application & service).

Target is to block all communication within the same zone (subnet). Such as ping, file share (smb), ftp, etc.

The layer3 interface and the computers wer

...

jeremylo by L3 Networker
  • 2674 Views
  • 5 replies
  • 0 Likes

Log forwarding to Panorama

Hi,

 

I have some problems with log forwarding from firewall to Panorama because it is consuming a lot of bandwidth. I have configured the firewall to buffer the logs before foward them to Panorama. I would like to know the following:
* When log forward

...

Resolved! QoS Reporting

I've deployed QoS on a PA-3050 and currently have 2 profiles that I'm specifically rate limiting at different bandwidths (class5 and class6). I've looked through all of the reports as well as App Scope but can't find anything that shows me bandwidth

...

Captive Portal Redirect Page

Hello all, I am having a bit of an issue with getting captive portal to work the way I need it to. I have it setup and my Macbook was able to redirect to the correct page, I was able to successfully login, and then browse the web without issues. The ...

Self-service Firewall rules?

Wondering if the NGFW are capable of automation. Automation as in, if someone has a set of firewall rules that needs to implemented and they know their source, their destination, their port, they can implement the rule themselves. 

Resolved! Application vs Service in PA

Hi Experts,

 

 I've query in Application vs Service columns. As we all know the Palo Alto preferred method is to use Application column (SSL, Web-browsing) and refer to 'Application default' in Service.

 

My query is, if we mark 'ANY' in Service column a

...

PA1.JPG

QoS for VOIP over IPSEC VPN

Hi All

 

I have four VPN sites and HQ with VOIP deployed. On HQ Palo Alto, I want if traffic come from LAN with some marking like 'af41' then give priority (real time) and copy the dscp marking when send across IPSEC VPN? 

-> For this, I have made one q

...

Dynamic 1:1 NAT on the Palo Alto interface.

We are looking at some method where we can dynamically NAT subnets behind the Palo Alto Firewall to pick an IP address from the network defined on the external interface.

 

e.g. I have the external IP address network defined as 10.100.100.0 /24. The IP

...

nson2139 by L3 Networker
  • 2493 Views
  • 2 replies
  • 0 Likes

Issue Static Source NAT

Hi Expert ,

 

I have some issue about Static NAT due to I have secondary public ip on the same interface such as on ethernet 1/3 have 192.168.1.22/24 and 192.168.55.1/32 and config nat bi-direction such as source  trust > 172.16.1.22 to untrust  and So

...

  • 24308 Posts
  • 99 Subscriptions
Top Solution Authors
Top Liked Authors
Labels