General Topics

Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 197 Views
  • 0 replies
  • 0 Likes

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 879 Views
  • 0 replies
  • 0 Likes

Dynamic 1:1 NAT on the Palo Alto interface.

We are looking at some method where we can dynamically NAT subnets behind the Palo Alto Firewall to pick an IP address from the network defined on the external interface.

 

e.g. I have the external IP address network defined as 10.100.100.0 /24. The IP

...

nson2139 by L3 Networker
  • 2915 Views
  • 2 replies
  • 0 Likes

Issue Static Source NAT

Hi Expert ,

 

I have some issue about Static NAT due to I have secondary public ip on the same interface such as on ethernet 1/3 have 192.168.1.22/24 and 192.168.55.1/32 and config nat bi-direction such as source  trust > 172.16.1.22 to untrust  and So

...

Resolved! how to whitelist an URL with a wildcard in the name ?

I'v got a question about whilesiting URL's

 

I want to whitlist the following URL, github-production-user-asset-*.s3.amazonaws.com.

but, it's only possible to use a wildcard to replace full hostname spaces of the URL ( like *.s3.amazonaws.com )

 

how do I

...

DaxVC by L2 Linker
  • 3501 Views
  • 1 replies
  • 0 Likes

Minemeld install error on RHEL

I am attempted to perform an ansible install of Minemeld on RHEL 7. I am receiving the following error. Anyone seen this and have any suggestions for remediation?  Thanks

 

I receive the following message when I run the ansible playbook:

 

TASK [mine

...

taustin by L1 Bithead
  • 3068 Views
  • 2 replies
  • 0 Likes

invalid interface

hello have getting a lot of 802.1q tag not configured and invalid interface message in global counters. I'm trying to find the cause, I have configured subinterfaces I see traffic in rx.pcap with properly tag, all traffic is dropped, I see as destina

...

Marivi by L2 Linker
  • 7400 Views
  • 8 replies
  • 0 Likes

Feature Request - Reporting

I just spoke to Jim Silha about reporting.  Palo Alto comes with a user activity report.  Under the section 'Browing Summary by Website' there is a 'Host' column.  It is much more report friendly than say 'URL'.

I would like to be able to use that in

...

HA Active/Active and VPN

Hello,

 

We have a scenario where a customer wants to deploy two PA3250s in two different locations which will be an Active/Active cluster. There will be a layer 2 link between the two sites and also customer wants a VPN as a backup if the layer 2 link

...

sajidsil by L0 Member
  • 3385 Views
  • 3 replies
  • 0 Likes

LDAP interval

Hi,

I have a question in reference to the LDAP interval time. Specifically what my goal is I want to be able to let the firewall know about my AD group membership changes quicker. For example if I have a specific AD group that is configured on the fw

...

Resolved! URL domain reports

Hello,

I'd like to produce URL reports. I noticed that you can get report on the comlete URL but not based on the URL domain.

i.e i get entry for www.pippo.com/cpp/layout.css and another entry for www.pippo.com/img/pippo.jpg and for report purpose is o

...

Resolved! Meaning of different Interface states

I have scourred everywhere......

 

What are the differences between the interface states? I can't find anything anywhere!!

 

ukn/ukn/down(power-down)

disabled/down

forced/ukn

forced/down

 

If there are others I have missed, I'd love to be enlightened.

 

 

Weirdest thing I have seen

Having a weird issue. I installed an 820. I have internet traffic being NAT'ed. My gateway is set to the Palo. My hops to the internet look like this 

 

Windows Box ---> Palo 820 --> Cisco Pix --> Internet Provider

 

Pretty basic.. I have a rule in place

...

Bad certificate _ inbound ssl inspection

Hi All

 

we are using 3rd party singed certificate for inbound SSL inspection , once we imported the certificate it is not showing any error and commit is working fine . once we add the certificate to decryption policy it is showing error as bad certif

...

Rameshwar by L3 Networker
  • 3286 Views
  • 3 replies
  • 0 Likes

Resolved! URL Category and URL Profile in same Rule

We have a default URL Filtering Profile that we use for general use.  The default URL Filtering Profile has a couple dozen URL Categories which are set to alert.  I need to allow EXEs from only five of the URL categories.  If I add the five URL Categ

...

GlobalProtect remote access - some pointers

Dear All,

 

I'm relatively new to Palo Alto firewalls and I am attempting to implement GlobalProtect to provide remote users with access to our internal network through the Palo Alto firewall and I am striggling to get even the most basic system workin

...

  • 24013 Posts
  • 115 Subscriptions
Top Solution Authors
Top Liked Authors
Labels