This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4243 Views
  • 0 replies
  • 0 Likes

Problem routing traffic from ipsec tunnel to ipsec tunnel

We have two PA820 boxes PA#1 & #2, both are connected via IPSec and the traffic flows without any problemWe have a TMG server to which PA#2 is connected via IPSec and traffic flows without any problemNow we want PA#1 to be talking to TMG server via PA#2ON PA#1 we can see that the traffic is going through the tunnel, but it is not being detec...

Resolved! Global Protect external gateway traffic is ssl decrypted

Hi, I have configured GP external gateway and all is well.But i see my ssl tunnel connection from my public ip to GP public ip this traffic is decrypted. I have no decryption policies configured for this. this traffic is from external to external zone. need to understand how this traffic is beging decrypted? Mike

MP18 by Cyber Elite
  • 6312 Views
  • 4 replies
  • 0 Likes

Templates and Interface IPs

I have setup an HA pair of 5220s and have them added in Panorama all running on 8.1.2. I have setup the Templates and can push out changes to the HA pair. I tried to push an IP change to a subinterface on the pair and though both Panorama and the HA Pair claim to have accepted and commited the changes, the HA Pair still has the old IPs and Pan...

afrias by L0 Member
  • 3129 Views
  • 1 replies
  • 0 Likes

New to Palo Alto

Hello, I am new to Palo Altos. We just took over a company with a Palo Alto and we are taking a look at all of the settings in the device to get a handle on how everything is set up. I wanted to see if someone could clarify something for me. When I looked at what appears to be the internet facing interface, all I see is an IP assigned to the int...

Resolved! Is there a place to submit changes to Application Definitions?

I was testing an app today, and much to my surprise it had a definition already created. When I added it to my trust-untrust allowed applications rule, it still didn't hit it. The firewall identified it as SSL over 5494, not the app. The app just lists TCP/5494, and probably needs to be further identified. Opening a case with support is the obvi...

Globalprotect connection speed is reallly slow in China mainland

Hi there, I am working overseas in China mainland and our GP recently has a really poor connection and hardly can connect to GP sever: globalprotect.soton.ac.uk . It has happend to whole team here. Just want to ask if there are some updates about this issue, Chinese Goverment start to interfere VPN in mainland or .. CHeers

1111.jpg
webwxgetmsgimg.jpg

Dual ISP with VPN

I'm working on configuring a branch office firewall with two ISPs and Site-to-Site VPN to our data center. The data center side has only 1 ISP connection I'm reviewing this article again, as I've used it in the past.https://live.paloaltonetworks.com/t5/Configuration-Articles/How-to-Configure-a-Palo-Alto-Networks-Firewall-with-Dual-ISPs/ta-p/597...

MikeC by L3 Networker
  • 3595 Views
  • 3 replies
  • 0 Likes

DoS policy notify

Hi, We have configured a DoS policy in order to limit the connections to several internal services.So when we launch a test in order to check that the connections are being limit we dont see any logs or event reporting it.But looking in policy statistics we see that its being applied.how can we verify that the policy DoS is working???? should we...

BigPalo by L4 Transporter
  • 11643 Views
  • 13 replies
  • 0 Likes

Comcast internet VPN disconnects

My company has not transitioned to GPCS yet and currently still uses Cisco AnyConnect. We have 10K+ remote users and 5weeks ago about 100+ users started getting random disconnects and they are all Comcast users with XB3 type modem. I wanted to ask the forum if anyone has seen this type of issue with GPCS as well ? I understand that there is a lo...

BGP config same AS different locations

Hello, We found some BGP routes with same AS we are using at our PA3020.PA3020 AS 65400 BGP route (from Cisco Router) * 172.27.0.0/20 193.242.39.6 0 65394 65390 8035 21302 65400 65316 64540 4755 4755 i Usually with Cisco routers we use the command neighbor X.X.X.X allow-as in What is the command in Palo Alto Fw ? ...

block all video streaming with palo alto PA-850??

Hello all, I want to block all video treaming with palo alto. do do following this: 1, go to Objects--> URL fitering--> add new URL fitering with name block_video. 2, in categories, I check in streaming-media and choose block. 3, I create the policy with full internet, and in action tab --> URL fitering --> Block_video. But ...

Chivas by L2 Linker
  • 8314 Views
  • 7 replies
  • 0 Likes

Global Protect Client Bundles not installing. VM100

I am trying to install a client bundle for GP on out test VM-100 The VM has no internet connection so I downloaed the bundle from PA PanGP-4.0.6 On "device > Global Protect Client " I upload the file, which works but nothign is displayed. If i go to "Activate from file" it sees the file, and seems to activate with success. But nothign appea...

Resolved! ICMP reply from the firewall instead of endpoint destination

Hello everybody,What could cause ping to respond from a different IP?When tested from source, the response message of the ping command is successful and it's coming from the PaloAlto firewall, not from the destination IP.Where and how can I verify on the PaloAlto if this is expected or not?What setup can cause such behavior on the PaloAlto?Need ...

000000 by L1 Bithead
  • 3886 Views
  • 2 replies
  • 0 Likes
  • 24359 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks