General Topics
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
We are conducting regularly scheduled maintenance over the weekend, which could cause some downtime on LIVEcommunity. We apologize for any inconvenience.
General Topics

Discussions

Thank You for Filling Out the LIVEcommunity Experience Survey!

If you've visited LIVEcommunity anytime recently, you've probably seen a pop-up asking for your feedback. We've deployed this survey since April 2020 for new and returning visitors alike as a way to gather feedback from our users. 

 

In the past six

...

survey-livecommunity.png
jforsythe by Community Team Member
  • 637 Views
  • 1 replies
  • 4 Likes

HIP without license

Is it possible to use HIP Profiles with just custom checks without a HIP license? (Sort of the way you can with URL filtering.)

MCmgt by L2 Linker
  • 801 Views
  • 2 replies
  • 0 Likes

Resolved! How to keep overview on Security Policies

Hello,

 

I´m in a project of migrationg a Juniper SSG to a Palo Alto FW. While migrating the existing policies I find it where confusing to list all policies in one list. Juniper separted the policies by the source an destination security zone. Is ther

...

Setting Up the PA-200 for Home Setup question?

Hey folks,

 

Newbie here.    I had this going successful before, but after a factory default, not working for me for some reason. 

I've followed this helpful article before and worked on my first try, but not now for some reason.

https://live.paloaltone

...

PA13.jpg
PA7.jpg
PA1.jpg
PA2.jpg
OMatlock by L4 Transporter
  • 795 Views
  • 4 replies
  • 1 Likes

Resolved! Some emails not working on iPhone behind PA

I have a weird problem. I installed a VM100 connected via PPPoE to the ISP, standard NAT, DHCP configured on the LAN side.

 

Issue: unable to receive/send emails from iPhone from SOME providers using inherid IOS app:

  • Corporate email: working via IOS ema
...

Hwinter by L2 Linker
  • 1042 Views
  • 1 replies
  • 0 Likes

VM-100 Virtual Wire doesn't show any sessions

 Hi guys, I'm new to PA so I hope this is not a stupid question.

 

I configured my VM-100 with two interfaces (plus manegment), the two interface were setup as Virtual Wire. I can capture traffic going through and everything works from a user perspecti

...

Hwinter by L2 Linker
  • 1148 Views
  • 5 replies
  • 0 Likes

Resolved! Two Default gateways with different priority

Hi Guys,

 

We have two isp links (ISP1 AND ISP2). We have defined to default gateways and set the ISP1 less priority so that all internal traffic will take ISP1.

 

for example

0.0.0.0/0 ethernet 1/1 next hop 76.45.146.22 admindistance 10 metric 1
0.0.0.0/0

...

irshad.n by L1 Bithead
  • 1614 Views
  • 4 replies
  • 0 Likes

IPv6 Point to Point prefix

Hi,

 

Trying to setup a IPv6 Point to Point link between the PAN and SRX.  Does PAN support IPv6 prefix like /127 for point to point connection?

 

(Yes I read RFC 3627 -> RFC 6164 -> RFC 6547 already)

 

Before any one starts about the IPv6 address space is

...

Cert key import

What is the best way to import a key for a globalprotect portal? I already have CA installed.

jdprovine by L4 Transporter
  • 1653 Views
  • 14 replies
  • 0 Likes

Clear DF bit for VPN

We have recently migrated our site-to-site VPN so it is now running between a PA-3020 > Cisco ASA 5510.  After the migration we discovered that one of our cross-site applications broke and the vendor determined it was because their application commun

...

Some Applications not being submitted to wildfire

Hello

I am testing my wildfire configuration .

1- When I download wildfire test PE file  , I get an entry under Wildfire submission log & data filtering log.
2- I intend to test if copying the PE file is also caught by wildfire , so I download a new PE

...

Resolved! VPN clients IPsec vendors

Hi,

 

We realised after upgrading to 7.1.8 when we access to VPN GP using CISCO VPN CLIENT (IPsec) is not working. In previous version was working.

 

This is the error ikemgrlog:

 

 

 

2017-03-30 13:11:52 [PROTO_ERR]: isakmp_inf.c:1362:isakmp_info_recv_d():

...

Map any TACACS+ user to local account

Anyone aware of how to map TACACS+ accounts to a single local account? For instance, I have my ACS server using AD for its user database. I created a policy in ACS to allow access to the PA if they are in a certain group. When I want to give someone

...

ddaloia by L0 Member
  • 1362 Views
  • 5 replies
  • 0 Likes

Resolved! DoS Protection

How do I go about triggering and monitoring DoS Protection in 7.1.5? I cannot find anywhere in the GUI to help me with this.

Top Solution Authors