Enhanced Security Measures in Place:   To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.

General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
jforsythe by Community Team Member
  • 27 Views
  • 0 replies
  • 0 Likes

Quick Note on 8.1.0 Deployments

Since its release we've seen an uptick in folks deploying 8.1.0 to their firewalls, and that's a great thing. I just want to throw out a word of caution before doing so however; while 8.1.0 is one of the most stable base releases Palo Alto Networks h

...

BPry by Cyber Elite
  • 9024 Views
  • 15 replies
  • 6 Likes

A/A vWire Deployment Forwarding MAC Address on HA Links?

Hey Guys,

 

I'm having an odd MAC flapping issue when I implemented a A/A PAN under a A/P ASA. I'll give the high level and attach a topology with the failure patterns I saw.

 

We have a pair of 5585X's as the traditional L3 / L4 internet facing Firewall

...

PAN Boards.png
PAN Boards 1.png
JamesFer by L1 Bithead
  • 4466 Views
  • 5 replies
  • 0 Likes

Resolved! QOS and internet traffic

Can PANOS controll / rate limit  internet downloads ?

 

On my squid boxes I can ratelimit and it does this by delaying acks.

 

Can the PA QOS do this work as well ?

 

Resolved! How to Change network address of running MineMeld server

Hello,

 

I have a MineMeld server working perfectly with different nodes (O365, Zeus, etc). It has an IP address like: 192.168.1.xxx but now I want to change to a different VLAN ex: 192.168.99.xxx

 

So what is the process to change this correctly to work

...

aitorms by L1 Bithead
  • 14920 Views
  • 6 replies
  • 0 Likes

Resolved! How-to delete a policy-based forwarding rule from CLI

I'm trying to find the correct syntax to delete a policy based forwarding rule from a PA firewall via the CLI.  having a really hard time formulating this from the CLI reference.

 

How would i do this by referencing the ID.

 

also, this firewall is manag

...

Resolved! Global Protect include a specific URL?

Hey folks,

 

This is a follow up question from one of my other posts.  We are using PAN-OS 7.1.15 and GP client 4.1.

https://live.paloaltonetworks.com/t5/General-Topics/GlobalProtect-and-general-Internet-access/td-p/207888

 

We are moving to Okta as our I

...

OMatlock by L4 Transporter
  • 3528 Views
  • 2 replies
  • 0 Likes

inbound ssl decryption - multi cert to single ip

Hoping to get a little feed back regarding inbound ssl decryption.

 

We have beeing doing inbound ssl decryption to our public presense on version 8.0.7.

 

Things have been going realitivley well but I am running into some issues and not sure if I can fi

...

clewis1 by L3 Networker
  • 3656 Views
  • 4 replies
  • 0 Likes

Resolved! user-ID cache timeout vs idle timeout on firewall

Hi 

 

1- On firewall, what is the different between cache timeout value (1 hour that cannot be configure) and idle timeout value (which is equal to user-ID agent timeout value)? 

3- if idle timeout value is 480 minutes (8 hours) then what will happen to

...

AD Integration not working after upgrade to 8.1

I recently updated to 8.1 from 8.0.8 on one of my PA-220s. My UserID isn't working any more. I can't login with AD creds either. When I go to the User Identification area the Server Monitoring says "Not connected" This is my secondary device in my HA

...

Resolved! Designing Networks with Palo Alto Networks Firewalls

Hi All technical people ,

 

I have a simple query . I want to use PA firewall in HA and with a single ISP . In this case , as obvious, I need to use a switch in between my firewall and ISP and my understanding is clear upto this point but the real prob

...

IPsec Tunnel

This might be a dumb question but I am going to ask it anyway, otherwise I may never know.  I want to replace an ASA 5510 firewall IPsec VPN into a PCI network using Palo alto. What is the best way to approach that? 

jdprovine by L4 Transporter
  • 3408 Views
  • 10 replies
  • 0 Likes

Resolved! Configuring DNS proxy - interface is invalid

I have network sub interface with DHCP enabled, I'm trying to attach DNS proxy to it because I need to resolve a name which is not resolved by the DNS server we are using (say 8.8.8.8) but I'm getting erros:

 

  • Details:
  • Validation Error:
  • network -> dn
...

ibge by L1 Bithead
  • 3159 Views
  • 1 replies
  • 0 Likes

Resolved! Disabling GP client but where are the logs kept?

Does anyone know if anything is logged on the firewall side when someone disables the GP client? We require a password to be entered when the client is disabled but I am not finding anything in the system logs that can be related to the event. 

 

Obvio

...

hshawn by L4 Transporter
  • 2442 Views
  • 3 replies
  • 0 Likes

Commit with warning

Hi,

when I attempt to apply a commit I receive this warning:

The following component(s) are mismatched with the peer device:
Application Content
Threat Content

 

Why this? If I apply the commit what is the result? Do I have to worry?

I have 7.0.9 version.

 

s_quasar by L3 Networker
  • 2629 Views
  • 6 replies
  • 0 Likes
  • 23584 Posts
  • 107 Subscriptions
Labels