This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

General Topics

Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 776 Views
  • 0 replies
  • 0 Likes

SSL Version

Is there any way for the traffic logs to display the SSL/TLS version that's in use for a particular flow? I don't see the data in the traffic logs or in the session info at the CLI.

Resolved! HTTPS URL Filtering without decryption

Hello all,

 

I am trying to implement URL Filtering for HTTPS websites but without decryption. I found a post on how to deliver response pages to Users. (https://live.paloaltonetworks.com/t5/Configuration-Articles/How-to-Serve-a-URL-Response-Page-Over-

...

Resolved! Untrust to Untrust - Allow

I was working at a customer site and noticed the customer's last rule before their "Catch-All - Deny" rule was  "Untrust - Untrust Allow". It was a universal rule with source zone untrust  destination zone untrust set to allow. When I asked why they

...

ce1028 by L4 Transporter
  • 14050 Views
  • 11 replies
  • 0 Likes

Binding to AD with globalprotect

We have user accessing the globalprotect VPN using their AD account and we have userid enabled, but we do not see any evidence of the users in the AD domain controller, is that because GP is accessing the DC using a service account? Is there anyway t

...

jdprovine by L4 Transporter
  • 5615 Views
  • 13 replies
  • 0 Likes

Dual ISP IPSEC vpn tunnel monitor drops the connection

Hi all,

 

I added second ISP to firewall and created ECMP for dual ISP followed those guides:

 

https://live.paloaltonetworks.com/t5/Configuration-Articles/How-to-Implement-ECMP-Load-Balancing-on-the-Firewall/ta-p/110339#

 

https://live.paloaltonetworks.co

...

SShnap by L3 Networker
  • 3385 Views
  • 3 replies
  • 0 Likes

GRE support on PAN-OS 8.0

Hi,

is it possible to terminate a GRE tunnel on a PaloAlto? Parhaps there is something new in 8.0

 

Best regrads,

Sebastian

sst by L0 Member
  • 4931 Views
  • 5 replies
  • 0 Likes

Resolved! Log forwarding - Local on Gateway or Panorama

Hello - I have Firewalls configured with Log Forwarding to Panorama. The question is, do the traffic logs of the Firewall Gateway keeps the copy of the logs and send another copy to Panorama or does it have only one copy forwarded to Panorama

 

Can i c

...

PA VM licensing issue between support accounts

Hi,

 

Although looking through this in internal sources as well, but maybe you guys have seen this and have an idea.

 

Initially there was PA VM-100 trial registered in Support Account 1 - partner account. Everything's good.

Trial expired, full license wa

...

nikoo by L3 Networker
  • 4964 Views
  • 3 replies
  • 0 Likes

Web-Browsing default port application

Hey , 

 

i just wondered why in the era that all web traffic is moving forward beeing encrypted and browsers like chrome will soon mark websites that uses HTTP protocol as "unsage" paloalto "web-browsing" application still uses in it's default ports on

...

minow by L4 Transporter
  • 24269 Views
  • 5 replies
  • 0 Likes

Re:Minemeld Miner Config

Hi guys,

How can we creat a prototype miner in the MInemeld hosted by autofocus, is there any tech document with regards to how to customize/config a prototype for Miner.

Thanks 

Sanssj by L2 Linker
  • 2812 Views
  • 1 replies
  • 0 Likes

Resolved! Decryption servers same ip

Hi,

 

We need to decrypt traffic (SSL Inbound Inspection) for a server which is running 3 URL. This server has 3 certificates, one per application.

 

So we would like to decrypt traffic for this 3 applications but in decrypt policy we only configure usin

...

BigPalo by L4 Transporter
  • 2097 Views
  • 1 replies
  • 0 Likes

Resolved! Upgrading a stand alone PA-Firewall 3020 to a HA-Cluster

Hello everybody,

 

is there any article or best practice document which discribes the configuration of a Palo Alto 3020 Firewall HA-Cluster active/passive while there is already a working stand alone PA 3020 Firewall.

 

Is it the same way I configure a H

...

Mvdohe by L1 Bithead
  • 5038 Views
  • 5 replies
  • 0 Likes
  • 23985 Posts
  • 115 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2025 - Palo Alto Networks