General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 334 Views
  • 0 replies
  • 2 Likes

Outlook and Global Protect

In the past when our users disconnected Global Protect, Outlook would disconnect immediately.

 

Seems like this no longer the case. When GP is disconnected Outlook continues to work.

 

I'm wondering if anyone has every eperience this before?

 

Thanks

berket13 by L0 Member
  • 2673 Views
  • 4 replies
  • 0 Likes

Resolved! Expressway-E and C and NAT and VW

Hi,

 

I have deployed Expressway (cisco ToIP) E and C  as per the diagram below .PA is in VW mode .

Does it work  without any changes in the PA ? 

Or Is there any policy must be created ? 

 

Thanks 

PA.png
simsim by L4 Transporter
  • 2410 Views
  • 1 replies
  • 0 Likes

Response Page Issue

https://mail.yahoo.com (web based email) and https://web.tresorit.com (online storage and backup)  are both  blocked via url category filter as per screen shot. But... I am only getting the response page for mail.yahoo.com.

web.tresorit.com just gets

...

URL-Block.png
Mick_Ball by L7 Applicator
  • 1946 Views
  • 2 replies
  • 0 Likes

IPSEC VPN Tunnel Failover and Nexus 7K VPC Design

Hello,

 

A and B question:

 

A. We have two Palos in A/S. The active has a functioning IPSEC VPN tunnel  terminated to it. Is there any way to have the tunnel renegotiate to the S when it becomes A?

 

B. What is the proper way to design an A/S PA/Nexus 7k

...

Resolved! LDAP group member enumeration problem

I am running PAN OS 8.0.7 and having a problem with getting the members of a group enumerated by the firewall.

 

The group is shown by the firewall in the GUI and can be added to security policies, and the CLI if I run the "show user group list" comman

...

rbentley by L0 Member
  • 3490 Views
  • 1 replies
  • 0 Likes

Strange packet drop

Hello guys,

 

I have a PA820 in active/passive mode who has a strange behaviour. I have created a rule that permits that traffic but the device drops it. I see "allow"in the logs, but with a capture I can clearly see the SYN in the dropped section and

...

PA_log_forum.png
PA_rule_forum.png
Shye80 by L1 Bithead
  • 2102 Views
  • 2 replies
  • 0 Likes

Any issues not documented on version 8.0.6?

Hello Community,

Since the security advisories were released yesterday, we are looking to upgrade to the newer version. Has anyone experienced any issues with 8.0.6 from 8.0.5 that are not in the release notes?

 

 https://securityadvisories.paloaltonetw

...

Resolved! TEST VM-500 on ESXi Deployment

Dear Community,

 

I hope you are doing alright.

We are in process of renewing our firewalls and I would like to test-deploy latest version of the Palo Alto VM-Series 500 on VMware vSphere Hypervisor (ESXi).

 

Could you please let me know how I can the fol

...

Resolved! PA cluster certificate missing

Hi,

 

We have two devices in HA, we realized that active node has a certificate (captive portal) but the passive not. The configs are synchronized but the passive doesnt have this certificate. We tried to export this certificate from node active and im

...

Resolved! ROBOT attack - some advice needed

Hello

 

According to https://live.paloaltonetworks.com/t5/Threat-Vulnerability-Articles/PAN-OS-exposure-to-ROBOT-attack/ta-p/192397

For complete protection, signature #38407 must be applied upstream from any interfaces implementing SSL Decryption, or ho

...

_slv_ by L4 Transporter
  • 5345 Views
  • 5 replies
  • 0 Likes

Edge Firewall Design

I am trying to design the edge firewall and core network currently and I have a core Layer not in a "stack" or "VSS" so they are independent Core switches. They are doing the routing to the private WAN, and will be doing the routing to the Edge Firew

...

  • 23670 Posts
  • 108 Subscriptions
Top Liked Authors
Labels