This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 271 Views
  • 0 replies
  • 1 Likes

Resolved! Questioning about agentless user-id.

Hello!

I have questions about user-id functions.

1. How much user-id be supported by agent-less user-id? I guess that 64K user-id and 640 user-group would be supported on all of PAN model. right?

2. When using user-id collector, How much user-id and use

...

GP Always on VPN - Except if on internal LAN?

Is there a way to implement this? I have seen the internal host detection option but as far as I can see that is only to choose whether you connect to an internal or external gateway.

I want all remote site users to go through the Palo Alto, but I can...

welly_59 by L3 Networker
  • 2959 Views
  • 2 replies
  • 0 Likes

Sharefile custom URL site allow

We block access to sharefile.com as a whole.  But we do have a sharefile.com company site which we allow access to.  The problem that I am running into is this, when a user attempts to download a file from our sharefile site a random number will be g

...

Self-signed Root CA Certificate FQDN?

I’m planning a test deployment of a globalprotect vpn, so currently going through the guides to see what’s needed. Part of the requirements if not using a trusted CA is to generate a self-signed root CA.

What should the FQDN be on this cert? The deplo...

welly_59 by L3 Networker
  • 2068 Views
  • 1 replies
  • 0 Likes

Resolved! Valid Object Name Requirements Documentation Wrong

When creating an Address Object (as well as other object types) the documentation for Palo Alto 8.1 says this, "The name is case-sensitive, must be unique, and can contain only letters, numbers, spaces, hyphens, and underscores."

 

The popup that appea

...

JasonKC by L1 Bithead
  • 3251 Views
  • 2 replies
  • 0 Likes

Confused about zones

I'm currently migrating from a pair of Cisco ASAs and the zones have me a little confused.

 

Right now I have interfaces on the ASAs of inside, wireless, outside, dmz-private-web, dmz-private-db, dmz-public-web, dmz-public-db, dmz-dev-web, dmz-dev-db.

 

...

HA sync times

Recently I have noticed that it is taking longer to commit and sync the changes from my active PA to my passive PA and the management plane ramps up to 38%. any suggestions

jdprovine by L4 Transporter
  • 2912 Views
  • 7 replies
  • 0 Likes

Resolved! Minemeld on CentOS

I have seen a few older threads referencing minemeld on CentOS using ansible or docker etc, Does anyone have it running on CentOS natively without the use of other 3rd party tools? or an up to date walkthrough? The Ubuntu 14.04 setup is quick, simple

...

hshawn by L4 Transporter
  • 5799 Views
  • 5 replies
  • 0 Likes

Resolved! Stop routing if PBF monotoring is down PA-500

 

 First post to this forum!

 

I have a PA-500 and 3 ISPs. 2 of the 3 VLANs are forwarded using PBF (VLANs 10 & 30 ) and the third uses the default route (VLAN 20).

 

My (simplified) configuration is as follows;

 

 VLAN10 - PBF to ISP 1 fail-over to default

...

James_D by L0 Member
  • 2610 Views
  • 2 replies
  • 0 Likes

Resolved! how interpret MAC in pcap

Hello,

I have a doubt about how to interpret macs in rx pcap and tx pcap. I thought that:
when the traffic enter a layer 3 interface:

the mac destination addres in rx file must be the mac of  ingress interface?
and in tx the source mac, must be the mac o

...

Marivi by L2 Linker
  • 3302 Views
  • 2 replies
  • 0 Likes
  • 23638 Posts
  • 107 Subscriptions
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks