General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

JayGolf_0-1691518400714.jpeg
JayGolf by Community Team Member
  • 1879 Views
  • 1 replies
  • 10 Likes

Resolved! policy drop with icmp not sending icmp

I have a catch all before the default/inbuilt rules

my action is drop with icmp

 

but when i test and run a tcpdump at the same time I see no icmp packet to say unreachable .

 

Very strange ? 

 

Anythoughts ??

 

MSFT Office365 Domain As Phishing?

I was running a 228 PAN-DB version and have since noticed the content version updated.  Did anyone else have any issues with Office365 services?

 


ME @firewall(active)> show running url secure.aadcdn.microsoftonline-p.com

DP dp0:

secure.aadcdn.microsofto

...

PA-220 boot Error?

Received this Unit today and on 1st boot,

 

N0.LMC0 Configuration Completed: 8192 MB Warning: Board descriptor tuple not found in eeprom, using defaults KINGFISHER board revision major:1, minor:0, serial #: unknown OCTEON CN7130-AAP pass 1.2, Core cloc...

Resolved! Query on L2 bridging over a L3 network

Hi,

 

We have a pair of PA-500s separated by a L3 MPLS IPVPN network. We require to bridge a layer 2 segment across the two sites.

 

One option we would like to explore is going from PA to PA on a new physical port at each end. We need to bridge HSRP and

...

Farzana by L4 Transporter
  • 1970 Views
  • 1 replies
  • 0 Likes

PA apps

Hi,

 

We are expecting problem with PA identifying apps.

We have sessions in port 13000 being identified as play-station network. These sessions are not related to Pstation.

 

On the another hand, we also have sessions in port 80 being identified as unkno

...

Resolved! Problems with assiging ip address to vm-50 on hyper-v

I have some problem with assigining ip address and other parameters to vm-50 on Hyper-V.I have downloaded vhdx file of pan-os 8.0 and installed it.but after i set the ip address it doesnt save the setting.i type commit but nothing changes.unknown ip

...

Screenshot_1.png
Screenshot_2.png
Radmin_85 by L4 Transporter
  • 2903 Views
  • 1 replies
  • 1 Likes

Resolved! Security polices and nat and cluster

Hi

 

So I have a active / active cluster, but I am not sync my VR config.  I am connected to an OSPF network

 

 

lets say my internal network is

OSPF int ae1.19 192.168.19.0/24

loopback.1 192.168.255.25/32 and 192.168.255.26/32 - ospf routerid (one for each

...

DSRI on IPSec/VPN traffic

We have a rule allowing VPN traffic (IPSec) from our Guest environment. This traffic is non-decryptable. We would like to reduce CPU by disabling Server Response Inspection for this traffic? Do we lose anything from a security perspective if we do so

...

Port Forwarding Problem

This should be fairly simple but am at wits end.  

 

I need to forward 2 ports from an external IP to an internal private ip (Ports 8088 and 22).  I found this article and am following its example:  https://nubisnovem.com/pinning-a-hole-in-palo-alto/

 

 

...

PA2.PNG
PA1.PNG
RJSCSLLC by L1 Bithead
  • 4261 Views
  • 6 replies
  • 0 Likes

Auto reconnect Global Protect

Hello Everyone

 

There are some branch offices which have slow internet connection.Sometimes because of no internet connection for 5-10 seconds Global protect disconnect.Is there any option to automatically reconnect global protect?

Radmin_85 by L4 Transporter
  • 5549 Views
  • 3 replies
  • 0 Likes
Top Liked Authors