General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 333 Views
  • 0 replies
  • 2 Likes

Resolved! VPN not working

Hi,

 

we are configuring a VPn between Palo Alto and PFsense. The VPN is configured properly but its nos getting up. No phase 1 up. We have treid to change all values proposals and lifetime.

 

This is the log. We tried to change lifetime with no success.

...

BigPalo by L4 Transporter
  • 4051 Views
  • 4 replies
  • 0 Likes

ACC displaying "No data to display"

Hi All,

I've been trying to troubleshoot an issue with a PA-5060 using PanOS 7.1.10. For whatever reason Application Command Center is not displaying any data. I've tried to check if any resources may have been hung but there doesn't appear to be any

...

Resolved! Understanding Virtual Wire

I am trying to wrap my head around virtual wire from a practical perspective.  To me it sounds like an access list apllied between 2 interfaces (e.g  Internet & Users).  That sounds like a typical concept with firewalls but since security rules would

...

Resolved! New To PA- Differences between WebUI & Panorama

My company is about to deploy PA's in a few of our data centers as well as a single Panorama VM.  I have a traditional ASA background & want to know some basic theory on how PA's are configured.  I am enjoying the free training on the support site bu

...

Resolved! MineMeld install error bower install

Hi all,

 

I have installed successfully minemeld on a test Ubuntu 16.04.

I try to do the same now in production and get an error on bower install :

fatal: [127.0.0.1]: FAILED! => {"changed": true, "cmd": ["bower", "install", "--allow-root"], "delta":

...

User Acitivity Reports - Denied Traffic

Afaik the User Activity Reports only show allowed traffic from the users. I am trying to find the URL from an IP, which I can see the user have been trying to visit, but got denied.

Is there anyway to do so?

 

The IP is a service from Amazon, and theref

...

Unable to block Skype

Testing target is Skype which came with Windows 10.

Use the method in the link below and was work (for 1-2 days)

https://live.paloaltonetworks.com/t5/Configuration-Articles/How-to-Block-Skype/ta-p/52103

 

Then 1 day suddenly found that it not working any

...

jeremylo by L3 Networker
  • 1787 Views
  • 1 replies
  • 0 Likes

Always-ON VPN in the internal network.

Hello,

 

I am looking to configure an always-on VPN with full tunnel access and enable"Enforce Global protect for Network access".

This basically means that users have to connect GP portal to access network when logging in to their machine when off-prem

...

Resolved! Cannot ping INTO mgmt interface, but can ping out?

Did something the other day and now i cannot ping/https/ssh to the firewall on its management interface, even though from the firewall i can ping out.

 

I dont think this is a routing issue as i can do it the other way(out of the device), and the devic

...

welly_59 by L3 Networker
  • 12419 Views
  • 13 replies
  • 0 Likes

OCSP unknown status

Hi team,

 

I am configuring Firewall as CA and local OCSP responder to use in GP VPN with client cert authen.

However, all the client cert that I generated from the Firewall got "unknown" status in OCSP. So I client cannot authentiate by this cert.

 

Can

...

  • 23670 Posts
  • 108 Subscriptions
Top Liked Authors
Labels