General Topics

Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 193 Views
  • 0 replies
  • 0 Likes

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 875 Views
  • 0 replies
  • 0 Likes

blocking unknow tcp and udp

The 2017 Palo alto networks best practices recommends blacklisting/blocking unknow-tcp and udp, my first thought is has something changed since this article ?

https://live.paloaltonetworks.com/t5/Management-Articles/Pro-Tips-Unknown-Applications/ta-p/

...

jdprovine by L4 Transporter
  • 8862 Views
  • 10 replies
  • 0 Likes

Resolved! Is EDU 110 Training free?

I see that there are a few posts about similar training (EDU 101) being free, but I wanted some clarification on the other self paced training options. I'm a Palo Alto customer, and I see that I have access to "activate" a large number of training co

...

Resolved! Troubleshooting GlobalProtect

PA220, 8.1.1, GPClient 4.1.1, GP license activated. 

Connecting to the GPportal/gateway works fine. Traffic routes as expected. 
We're still testing, so access is severly limited and policies wide open once connected. Literally, everything is allowed f

...

Nathan.S by L3 Networker
  • 6003 Views
  • 8 replies
  • 0 Likes

Resolved! Filter for multiple subnets

 My filter is not working, can you tell me why?

 

((addr.src notin '172.0.0.0/8') or ( addr.src notin 10.0.0.0/8 ))      and      ((addr.src notin '180.0.0.0/8') or ( addr.src notin 100.0.0.0/8 ) or ( addr.src notin 200.0.0.0/8 ))

or for easier reading;

...

Resolved! MineMeld for importing STIX XML files

Hey guys,

 

I hope you are all doing great.

Its my first touch to both STIX XML files and MindMeld, so I was hoping to get a shed of light with at least if it is possible?

 

I am trying to find a way to import manually a STIX file (which I have attac

...

Resolved! Cannot Ping Default Gateway

Hi Team,

 

I am trying to set up a lab. I have configured PA and set up a client machine. But I have configured client machine and provided the IP address in the same subnet as one of PA's interface. Even after doing so, I am not able to ping default g

...

SudhirK by L1 Bithead
  • 23838 Views
  • 6 replies
  • 0 Likes

SSL forward proxy CA cert

My enterprise has a CA root certificate pushed out to all clients. I am now planning to implement ssl decryption and want to import same cert and keys onto firewall for ssl forward proxy. what are the downsides of doing this? is it a good idea to use

...

How to configure dynamic NAT IPs

I have a german ADSL connection and would like to make it accessible from outside. My server has internally the IP 10.0.109.111. From outside it is accessible via a DynDNS name because the public IP changes daily.
My router has the 192.168.4.1 IP and

...

2018-06-07 16_25_52-PA220-MZH-BW.jpg
2018-06-07 16_25_41-PA220-MZH-BW.jpg
2018-06-07 16_25_23-PA220-MZH-BW.jpg
2018-06-07 16_24_59-PA220-MZH-BW.jpg

Configure DUAL ISP

We have now two ISPs 

And we want to configure PA so that when first ISP is down the traffic (in and out) passed to the second ISP

Can you give me please a guide about it?

Radmin_85 by L4 Transporter
  • 4520 Views
  • 10 replies
  • 0 Likes
  • 24009 Posts
  • 115 Subscriptions
Top Solution Authors
Top Liked Posts
Top Liked Authors
Labels