General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 423 Views
  • 0 replies
  • 2 Likes

Removing peer from HA cluster

I have a pair of PA-3020s running 7.1.x in HA configuration. I need to remove the passive switch from the rack to be used in another location. What is the best way to disable the HA and delete the config from the active switch without risk of service

...

Resolved! Re-creating a specific routing configuration.

Hello folks,


I am trying to reproduce a configuration from work where we use a Metro Line to connect our two sites.  It's working at my job, but not at home.  It seems like a simple setup and I think I am close, but having an issue.  Checking if anyon

...

metrof.jpg
metroc.jpg
metrob.jpg
metrod.jpg
OMatlock by L4 Transporter
  • 3503 Views
  • 5 replies
  • 0 Likes

Interface in vsys

Hello

 

this may sound like a stupid question but i could not somehow find a definitive answer to this in the PAN OS Guide:

 

We have to configure a 3050 iun multi-vsys configuration. We would be needing 2 interfaces per vsys and we wil be having 2 vsys

...

Resolved! Is Zone Protection on Shared Gateways Supported

I have a question regarding Zone Protection on Zones in a shared gateway.  Is it supported.  When I try and configure it it seems to be valid configuration.  However as a shared gateway does not generate logs where do the the ZP logs go?  Also when I

...

CHammock by L2 Linker
  • 3802 Views
  • 4 replies
  • 0 Likes

GlobalProtect install restrictions

Hi all


I was wondering if there was a way to restrict who can install the GlobalProtect client ?

 

As an example, at the moment if any user launches the gateway page can download and install the client on their own computer albeit they need an active ac

...

djh3003 by L0 Member
  • 2438 Views
  • 4 replies
  • 0 Likes

SSL decryption error

I had configured SSL decryption on PaloAlto VM-50 before 6-7 months ago. There was working normally till today. Today some users get below error when they want to enter site. There is shown “decrypt-cert-validation” message on PaloAlto traffic logs.

...

image005.jpg
Radmin_85 by L4 Transporter
  • 4199 Views
  • 4 replies
  • 0 Likes

Help with IPSEC VPN with overlapping subnets

I'm working with a vendor to setup an IPSEC VPN but we have an overlapping host address. My side has a PA500 and their side is a Sonicwall.

 

Palo Alto Side:

 

Source server: 192.168.100.20

Their Server: 192.168.100.85

 

My server NAT address: 10.0.0.20

Thei

...

High memory usage PA 3020

Hi, can someone help me? I have PA-3020, about 900 security policies, about 50 vpn tunnels (low traffic), I noticed high memory usage , What could be the reason for this? How can i relaease this?

 

soft: 7.1.4-h2

 

Cpu(s):  0.5%us,  0.5%sy,  0.0%ni, 98.8

...

Unused Services

Is there a way to tell if a service is being used? I am trying to verify that the services the migration tool lists as unused can be deleted. It might be enough to go by what the migration tool says but I usually like to verify it a couple different

...

jdprovine by L4 Transporter
  • 3635 Views
  • 3 replies
  • 0 Likes

Resolved! Oversize Microsoft RADIUS Response Packets

Oversized MS NPS radius response for EAP authentication request is dropped from the Firewall.
Is there any solution on this? Customer do not want to make any adjustment or modification from the server end.

 

 

Apart from enabling Jumbo frames and "adjust

...

Resolved! Global Protect Access routes for Office 356

Hi Guys,

 

I am struggling to find a solution for one request that I have from customer. We have VM-300 with PanOS-7.1.6 and customer wants to enable Global Protect for remote access users. The tricky part is that for the split-tunneling configuration

...

  • 23695 Posts
  • 110 Subscriptions
Top Solution Authors
Labels