General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 249 Views
  • 0 replies
  • 1 Likes

Customer Account Personal Email

I bought a pa-220 for my own personal lab through my employer's pa vendor and I would prefer not to use my company email account just in case I were to leave my company. If that would happen, a year from now when my licenses expire, I won't be able t

...

Routing via PBF vs OSPF

I’m working on an implementation for about 15 branch offices where my organization is replacing an inconsistently-configured mix of SonicWALL and PA hardware with mostly PA-220’s. Each office has a Metro-Ethernet connection (100 Mbps at branches and

...

locampo by L2 Linker
  • 2823 Views
  • 3 replies
  • 0 Likes

Resolved! Forwarding Decisions in PANOS

Hey guys. Fairly new to PANOS and also coming from the perspective of having been a longtime IT generalist with a large interest in networking to finally having a role as a dedicated SEM network engineering role. Having said that, we recently encount

...

locampo by L2 Linker
  • 5244 Views
  • 5 replies
  • 0 Likes

I want know CPU resouse mesage

What is mean???

 

flow_lookup       flow_fastpath     flow_slowpath     flow_forwarding   flow_mgmt         flow_ctrl         nac_result       flow_np           dfa_result       module_internal   aho_result       zip_result       pktlog_forwardinglwm  ...

awawa100 by L2 Linker
  • 2443 Views
  • 2 replies
  • 0 Likes

Resolved! SSL Website won't load with decryption enabled

Hello.

 

One of my users was trying to go to:

 

https://mn.b3benchmarking.com/Launch

 

We have SSL forward proxy enabled.  If I exclude the site from decryption is comes up fine.  We are not using any decryption profiles.

 

Can anyone tell my why the sites w

...

dannon by L3 Networker
  • 4668 Views
  • 3 replies
  • 0 Likes

Best Practice IPSec Tunnels

I was wondering if anyone had some good best practice recommendations for IPSec tunnel configurations. I’ve set up a lot of these in my time, but I’m realizing that I still don’t have a firm grasp over all these choices other than “make them match on

...

locampo by L2 Linker
  • 3064 Views
  • 1 replies
  • 0 Likes

Resolved! GlobalProtect breaking the Internet

Hello,

 

We have an issue with our Global Protect client. The end users are able to connect and work fine, but when they press the disconnect button on the Global Protect client it is breaks their internet. Whether the user is connected to a WiFi netwo
...

Error.jpg
Farzana by L4 Transporter
  • 11683 Views
  • 3 replies
  • 0 Likes

Allowing Mapquest

Greetings,

 

 

One of my departments is requesting access to Mapquest for their users. Currently they have limited Internet access. I have added *.mapquest.com/ and it brings up a very limited webpage (no links). So I did some searching and found that M

...

Resolved! Group Mapping vs Authentication Profile

Hi

 

Here is what we want to do:

1. Implement a security policy rule based on user group membership

2. There is no User ID using any Agent. The users will authenticate using captive portal.

3. Firewall will use LDAP to retrieve group mapping

4. PAN OS 7.1

 

...

NTP and proxy bypass

Hi i have a problem at the moment where it appears there is a proxy/Vpn application that is using port 123 .

as i have lots of byod devices that require access to NTP i leave the port open.

 

When I look at the monitor logs it source port can be anythin

...

Resolved! Query on Certificate/access Internet

Is there a way to configure the firewall so that users can access internet without needing to install certificate?

Currently users have to have a certificate installed on their devices to be able to connect to the internet.

Any article on this?

Farzana by L4 Transporter
  • 2203 Views
  • 2 replies
  • 0 Likes

Session info not in sync in CLI and Web GUI

My PAs are on PAN OS 7.1 OS, I have noticed that session info is immediately displayed in CLI when I use sh session all filter command but when I see in GUI , there is a delay or sometimes I never see that session in Web GUI >Monitor>traffic

Is this a

...

High Avaibility problem A\P

There are two PA-500 firewalls in High Availability state A\P

After failover process the passive device become active but didnt pass the traffic.One possible reason which i suppose to be is the Gratious Arp packets are not send to the port of switch 

...

Radmin_85 by L4 Transporter
  • 2165 Views
  • 3 replies
  • 0 Likes
  • 23627 Posts
  • 107 Subscriptions
Top Liked Authors
Labels