This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4237 Views
  • 0 replies
  • 0 Likes

Resolved! Creating a duplicate network?

Hi folks, I am being asked to create a duplicate network that will service VM clones of production VMs for testing and development purposes (without changing their IP or anything else). We have something similar at a different site using "transit" zones and individual NAT rules (that I did not configure), but this task is a bit different from t...

replica_diagram.jpg
OMatlock by L4 Transporter
  • 3811 Views
  • 3 replies
  • 0 Likes

Resolved! Global protect high availability

Hi Techie, Am deploying global protect in 4 different region, based on regions they will be getting connected to appropriate portal. if the appropriate location portal is down then they have to come to DC portal, how do i achieve it ? FYI, Am using prelogon based authentication and i have machine certificate verification for the identity check o...

HELP - Computers with two network adapters

Hello, I have a network with a few computers with two network adapters NIC1 to the main netwrok 1.1.0.0/16NIC2 to the backup network 1.2.0.0/16 We are detecting the lost of connection every few minutes. It's necesary any special configuration to allow this arquitecture? Thanks

m.molina by L1 Bithead
  • 3043 Views
  • 2 replies
  • 0 Likes

Resolved! Incorrect QoS Configuration Caused Network Traffic Outage

Quick design question Community. The setup is a core switch that terminates a Palo Alto for WAN and then a private circuit for internal resources back to a core in a different location. In the event they lose the WAN circuit, I need to route all the internet bound traffic back through the private circuit. I was going to treat it like a Dual ISP ...

Blocking access to Consumer gmail accounts, but allow Google Apps

According to Google, the only way to block access to consumer gmail accounts, is to intercept the traffic, and insert a HTTP header for all traffic going to google.com. Obviously PAN-OS can perform SSL inspection, but can it do the HTTP header insertion? Here's Google's page on this: https://support.google.com/a/answer/1668854?hl=en

Configuration Migration

Hello to all and sorry if this has been posted before. We are new to Palo Alto Networks Firewall. We are in the process of procurring and installing our first PAN device. With that in mind we do have quite a bit of experience with Cisco ASA FW but none currently with PAN FW. With that in mind we don't know how much time would be involved with mi...

amedley by L0 Member
  • 9073 Views
  • 8 replies
  • 0 Likes

Resolved! Behavior Palo alto user id agent whit new update in windows Server 2012 R2 2018-03 Security Update

Dear community, I must update our windows server 2012 whit a update in order to resolv a vulnerability whit adobe flash palyer: windows Server 2012 R2 2018-03 Security Update for Adobe Flash Player for Windows Server 2012 for x64-based Systems (KB4088785) Is there any known issue whit this update and agent id of PaloAlto?? RegardsRuben

Resolved! Most common design with Cisco Networking?

Hi Folks, We currently use our PA 3020 firewalls with Layer 3 interfaces, Internet plugin directly, and doing all the routing for our network. Learned routing from L3 interfaces and manual static route entry. No routing protocols at all. We have old HP switches downstream, all Layer 2 function, and HP servers beyond that. We are getting ready...

OMatlock by L4 Transporter
  • 6352 Views
  • 5 replies
  • 0 Likes

Custom Application Signatures

Curious if anyone is successfully using the commvault application within their Palo Alto application policies? We tried it and it is not working at all to detect our CommVault application traffic. The details on the application itself seem quite old.

zthiel by L2 Linker
  • 3747 Views
  • 4 replies
  • 0 Likes

speedtest.net giving different results VM vs. PA-220

after switching from a PA VM on an ESX to a PA-220 i noticed a huge decrease in throughput from speedtest.net - with the VM in vwire or l2 mode i am getting rates consistent with native line speed (around 500Mbit/s down and 250Mbit/s upload). With the PA-220 in either vwire or l2 i am seeing a huge decrease in results in the region of 60 Mbit/s ...

stlenger by L1 Bithead
  • 4620 Views
  • 4 replies
  • 0 Likes

Global Protect 4.1 Password Length

Is there a password limit to the new Global Protect client 4.1 for Windows? It seems to stop at 20 characters. It made me chuckle to think that PA was limiting the number of characters we can use.Thanks, Steve

Active/Passive PAs Connected To VPC Nexus 7Ks

This was also posted on the Cisco forum because I'm not sure yet what is the problem's root cause. So I'd appreciate insigt from the Palo experts as well. Below is the problem: Each 7K can ping the active-pal. Active-Pal is connected to 7K A, so Active-Pal’s mac appears on 7K A’s interface. 7K B, again, can also ping Active-Pal. Of course, Acti...

Traffic_Flow.JPG
  • 24358 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks