General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Failed upgrade

I tried to do an upgrade from 7.1.13 to 7.1.14 and it appeared to install fine, but the ports, all the ports, failed to come up again. So I rolled it back to 7.1.13 and it went back to working fine

jdprovine by L4 Transporter
  • 3905 Views
  • 6 replies
  • 0 Likes

Upgrade from 7.0.12 to 8.0.6-h3

Hi, I have checked the PAN-OS upgrade document and find it bit confusing. Using standalone device. Can someone please confirm if the following upgrade path will be correct? 7.0.12 —> download 7.1.0 —> Install —> RebootDownload 7.1.15 --> InstallDownload 8.0.0 —> Install —> RebootDownload 8.0.6-h3 —> Install —> Reboot Than...

Farzana by L4 Transporter
  • 4298 Views
  • 6 replies
  • 0 Likes

Resolved! Upgrading from PA500 to PA220

Sales team reached out to me recommending that we upgrade our PA500 to the PA220. We are a small company with a data pipe of 100MB. We do not have a lot of settings on the PA500. On an average we have around 1500-2000 sessions per the UI Home page. Looking at the ACC, I set it to 24hours and athe highest is around 22,000 (looks like about an ave...

jharlow by L3 Networker
  • 7953 Views
  • 7 replies
  • 0 Likes

PANGP Virtual Adapter Not Created

Hello, The company I work for uses Global Protect as their VPN (transitioning from AnyConnect) and I am having an issue after install. This is a Windows 7 PC, HP Compaq Pro 6300 SFF, and it does not create the PANGP Virtual adapter. GP version 4.00.02. I have not found an issue in the knowledge base so I am asking here instead. Any insight o...

RQinD4 by L0 Member
  • 2694 Views
  • 2 replies
  • 0 Likes

commit lock

Is it possbile to apply a commit lock prior to and upgrade and still be able to upgrade the OS?

jdprovine by L4 Transporter
  • 1796 Views
  • 1 replies
  • 0 Likes

User-ID with Azure AD

We currently use User-ID with an on-premise Active Directory server. We are planning on moving to Azure AD (not to be confused with AD services in Azure). Are there any plan on getting User-ID to work with AzureAD (web Auth)? What other options can I use to continue to use User-ID if we do not have Active Directory on premise? Thanks.

jharlow by L3 Networker
  • 10237 Views
  • 8 replies
  • 0 Likes

Resolved! Version 7.1 for PA-850

Is there a way of getting 7.1 onto an 850? Need to get new firewall into service soon, ideally managed by Panorama. Panorama is on 7.1 and it seems cannot communicate with the 850 as it has shipped with 8.0. Won't be able to get Panorama upgraded in time due to change control restrictions.Can deploy firewall as standalone and bring under Panoram...

Catchall DNS and Redirect to host

My old firewall was able to catch all dns requests from a zone and redirect them to a defined server. I cannot find a way to do that on the Palo Alto. Can it be done?

Use of computer ldap groups in source-user policy field on palo alto

We are attempting to use a computer based ldap group in the source-user field of a traffic policy on our palo alto 5020.At the moment that policy is being ignored, and subsequent policies based just on the same source ip group are being acted on.(if the source-user is set to any (removing group domain\wkstn_group) then the policy works)We have b...

dhirvin by L0 Member
  • 9630 Views
  • 10 replies
  • 0 Likes

Limit bandwith in untrust interface

Hi, I need to limit the bandwith in untrust interface. We replicate DB info to the Oracle cloud and we want to limit this traffic. We have 100Mbps bandwith, and we want to limit the Oracle cloud traffic 50Mbps max. So this is what i configured: Profile QoS: all the classes with 50Mbps max egress. QoS config eth1/1 is our untrust interface (100M...

Capturavpn3.JPG
Captura1qos.JPG
vpn2.JPG
tunel trafficshapping.JPG

Resolved! NAT from private to public

With PAN - if I have a client who wants to his a public IP address when their traffic passes through the inside/private interface - what would the NAT look like? E.g. say outside/untrusted IP address is 67.1.1.1 and NATs 1:1 to 10.10.4.5 which is reached via the inside/private interface for any port. Now a user at 10.10.40.47 wants to hit 67.1.1...

Tail traffic in CLI?

Is it possible to tail live traffic in the CLI while running a grep (or match) for specific things? I would find this extremely useful.. Thanks.

  • 24396 Posts
  • 123 Subscriptions
Top Solution Authors
Labels