This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4243 Views
  • 0 replies
  • 0 Likes

Resolved! Newbie - GP and NAT

1) this is for a home use environment. 2) I have successfully configured Global Protect to work external. 3) I have PLex running and need to get it communicating to the world. Was able to do this before GP by setting "Service" to "any" in the NAT rules, but this broke GP, and not to even say isnt very secure. Anyone have suggestions?

ckg1999 by L1 Bithead
  • 9373 Views
  • 15 replies
  • 0 Likes

Static NAT between virtual routers

Hi, I'm going to migrate a Juniper SRX firewall with a Palo Alto VM-500 firewall.The case: The Juniper firewall is configured with multiple virtual routers. Between this routers we can static NAT subnets. As showed in the picture below, we have 2 virtual routers. If Subnet 192.168.1.0/24 behind VR A should reach Subnet 192.168.2.0/24 behind VR B...

Juniper-SRX-VR-Prinsipp.png
JohnOlav by L0 Member
  • 4367 Views
  • 1 replies
  • 0 Likes

Resolved! Forum Location for Education institutes

Greetigns Is there a section of the forum where people involved with education Institutions. I want to get some idea of how and what people allow when dealing with Children in a school when the age ranges from 8 years old up to 17 years old. as well as catering for the staff. Which I then need to work out how to do that on a Palo Alto. Thanks fo...

Wykeham by L1 Bithead
  • 3104 Views
  • 2 replies
  • 0 Likes

Log percentage and space

If logging is set to allow up to 95% space on the disk and it hits 95% that same partition,/dev/md6 3.8G 3.2G 454M 88% /opt/panrepo - PAN-OS Image repository.(Device/Software), resides the PAN OS what happens when you hit 95% on logs and try to install a new OS

jdprovine by L4 Transporter
  • 4447 Views
  • 6 replies
  • 0 Likes

Resolved! Wrong IP calculation after Whitelisting on MineMeld

Hi, I have installed MineMeld and it works fine. Before creating our configuration I wanted to test something on Whitelisting as it is going to help on what we are aiming to do with MineMeld. I hope the below finding is a configuration mistake or something i have missed and not an issue in MineMeld. Simple when i whitelist two IP from a...

StamL by L0 Member
  • 5649 Views
  • 3 replies
  • 0 Likes

Intrazone Rules

Hey guys,I took over a Palo Alto Firewall and I noticed that there is a intrazone allow rule at the end for every single internal zone.So source zone: internal zone xysource address: anydestination zone: internal zone xydest address: anyapplication: anyAction: allow these intrazone allow rules are placed before the intrazone default deny rule. W...

MPI-AE by L4 Transporter
  • 7603 Views
  • 6 replies
  • 0 Likes

Resolved! When to use ZoneProfile and DoS Profile

Hello All - Can i understand that Zone Protection Profile is to Protect Firewall itself and DoS Protection Profile is to protect the servers and hosts behind the firewall from Internet?Can i achieve a DoS protection (For example SYN Flood attack) only by configuring DoS Protection Profile that will be tailored with Policy Rule with source and de...

"Install media mount failed" when trying to create bootstrap USB

I am attempting to create a bootstrap USB on a PA-200. The Palo site provides pretty good procedure documentation, but not much for troubleshooting. I have managed to create the bootstrap.tar.gz file and upload it to a PA-200 running Pan-OS 8.0.3. I have tried 4 different brands/models of USB sticks, but when running the create bootstrap process...

GlobalProtect - Windows 7 Issue

The company I worked for observed an unusual error today with just Windows 7 users of GlobalProtectWindows 10 & Macos users were unaffected. We use okta verification to allow authentication btw In a nutshell, did some testing in virtual machines running latest patched version of Windows 7 and Windows 10All windows clients were able to connec...

capita.png
Windows 7 2018-09-13 16-01-38.png
Windows 10 2018-09-13 16-08-02.png
carterg by L2 Linker
  • 11603 Views
  • 3 replies
  • 0 Likes

Resolved! CDR report

Did anyone receive a threat report from palo alto and hushly? "Here is your Palo Alto Networks - 2018 Cyberthreat Defense Report you requested"

jdprovine by L4 Transporter
  • 3000 Views
  • 2 replies
  • 0 Likes

Resolved! Traffic Reports Bytes Field Empty

This probably has a very obvious answer, but google searches for the solution wound up showing me irrelevant pages...probably my fault as well. I am running various traffic reports, and all of them lack value in the bytes field. Any idea what is wrong?

2018-10-03 07_52_18.png
colesch by L2 Linker
  • 4075 Views
  • 4 replies
  • 0 Likes

Panorama - Commit getting stuck at 0%

I have got PAs in two DC, each DC have PA in active-passive unit, when I commit to one of the pairs in one of the DC, the committ is stuck at 0%. I see the Panorama is connected to "Passive" FW instead of the active FW , could be the reason why the commit is stuck at 0%.Does the Panorama have to be connected to the active unit for the commit to ...

Resolved! MineMeld can not get O 365 JSON format list

Hello [Failure event]In the case of O365 's xml format, when MineMeld received traffic after ClientHello, I got a list but if I set config for JSON support I can not get a list. [Prerequisites]MineMeld will go through Paloalto and do Internet communication. [Question]I think that the packet flow that can be checked with Paloalto is incorre...

OSPF, VPN, routing and distribution

I'm trying to solve a routing conundrum to improve a remote site and provide redundancy, and hoping others may have some solutions. The short version is that we have the remote site with basic commodity internet using VPN to connect back to two datacenters. The datacenters in turn have direct links to each other, and all are running OSPF. The is...

PAN OSPF.PNG
  • 24359 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks