Enhanced Security Measures in Place:   To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.

General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
jforsythe by Community Team Member
  • 27 Views
  • 0 replies
  • 0 Likes

Resolved! Site to Site VPN Tunnel - NAT

Hello everbody,

 

I am most likely struggling with a NAT problem in a site to site VPN tunnel, hoping you have an idea or tip to this topic.

The setup is a site to site VPN tunnel between a PAN and a Cisco ASA.

There is a host (172.16.2.20) behind the PA

...

Resolved! PaloAlto WAN Interface segmentation

Hello

 

Please help me in this scenario

 

There is the big "Company Site" and the other branches point to this Site, there is an MPLS connection between the branches.

Our need is, the PaloAlto supports segmentation on the WAN part ? can we create a sub-in

...

VRF WAN.jpg

candidate configuration

Hi,

What is candidate configuration and what is the purpose of candidate configuration ?

What is the differnece between save candidate configuration and the save using the button on the top right corner ? 

What is the differnce between save candidte con

...

simsim by L4 Transporter
  • 2964 Views
  • 4 replies
  • 0 Likes

Resolved! Can Palo Alto firewall act as a SCEP server

I would like to generate a SCEP request that I want to have signed by the CA on the Palo Alto firewall.  I have beel looking at the documentation and asking my buddy Google, but have not found a way to do this.  I am thinking this is not supported.  

...

Firewall VM for GNS3

 

Hello everyone.

 

Can anyone please tell me the steps to getting a PA-VM for GNS3? I've been doing some reading and need to practice using a virtual environment.

 

Thanks.

QoS on Tagged VLAN Sub-interface - PAN5250

Hi, this question may have been asked before, but I'm still curious what the best practice is in my situation.  Here's what I need to do: a LAG (port-channel) with two 10gig interfaces is carved into mulitple subinterfaces.  I'd like to cap the max b

...

Global protect IP address

GlobalProtect gateway client configuration generated. User name: bozo, Private IP: 136.176.144.x, Client version: 4.0.0-90, Device name: clownmobile, Client OS version: Microsoft Windows 10 Pro , 64-bit, VPN type: Device Level VPN.

 

Why is the PA clas

...

jdprovine by L4 Transporter
  • 2940 Views
  • 7 replies
  • 0 Likes

Resolved! Top countries where cyber attacks originate

Good day everyone, 

I am looking for some help information with finding "Top 15 countries where cyber attacks originate"

I know there are alot of blocklist out there, those have IP addresses. That is not what I am needing. 

 

If anyone can recommend webs

...

SSL CSR SAN Multiple Uses

PA-5220, 8.0

 

I need to generate a CSR for a cert that will be used for multiple things - web gui admin, globalprotect vpn, etc. The instructions for how to gen the CSR with subject alternative names are not clear.

 

Should the common name be one of the

...

mike406 by L2 Linker
  • 4253 Views
  • 5 replies
  • 0 Likes

Resolved! nat before vpn tunnel use case question

Hello I am looking to understand if what I am trying to accomplish will work. Given a PAN connecting to an ASA using a L2L IPSec VPN Tunnel to access two distinct ip addresses behind the ASA. Now these IP Addresses are duplicated on the LAN the PAN c

...

Tsquared by L0 Member
  • 3594 Views
  • 4 replies
  • 0 Likes

Resolved! Advertise NAT Pool via BGP

Hi,

 

I need to advertise a NAT pool to an external partry via BGP. When i attmpt to configure the static route with as below.

 

 

 

 

I get the error message when attemping to save the virtual route configuration.

 

 

What is the correct way to configure a st

...

nat configuration.png
nat error.png
  • 23584 Posts
  • 107 Subscriptions
Labels