General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Minemeld down - Can't log into UI "ERROR CHECKING CREDENTIALS - Bad Gateway"

Our Minemeld will longer let me log in via the user interface. The operating system logon works fine. When trying to log into the web interface I get "ERROR CHECKING CREDENTIALS - Bad Gateway" We are a Windows shop and don't really have any Linux skills to breing to bear on this. What do I need to do to resolve this? It is a production i...

DwightH by L1 Bithead
  • 23157 Views
  • 15 replies
  • 0 Likes

connectivity problem with GP

Users complain Global Protect vpn client performance problem. There is shown ping time more than 1000ms after I disconnect then reconnect there is shown less than 150ms. Below photo after and before connection via GP

image002.jpg
image003.jpg
Radmin_85 by L4 Transporter
  • 3165 Views
  • 5 replies
  • 0 Likes

DROP_UPDATE

Hi, I've just created a new node and I'm seeing events such us: DROP_UPDATE on aggregator type. Does anybody have an idea of what could be the issue?

Resolved! How to configure Vendor Specific Attributes to Radius/MFA server

Hello, I need article(s) that shows step-by-step instructions on to use Azure MFA (which is a RADIUS software) for Palo Alto admin authentication in their web interface or CLI for Palo Alto management.As of today, Palo Alto Management is without multi factor authentication (MFA) which is not ideal but it works fine and it is using LDAP for authe...

Farzana by L4 Transporter
  • 3386 Views
  • 1 replies
  • 0 Likes

Exchange emails stopped working due to zone protection profile

Hi All Emails from inhouse exchange server is not getting delivered to target email ID or either getting delayed . I have configured the secuirty policy with no security profile attached and the traffic is showing as allowed was suspecting that it might be getting blocked or dropped due to some security profile .once i remove zone protection pr...

Rameshwar by L3 Networker
  • 2456 Views
  • 2 replies
  • 0 Likes

Resolved! SonicWall to Palo Alto Migration?

Hello 🙂I am doing a migration from a Sonicwall device to a Palo device and I am not finding any migration tools that can help me. Does anyone know of a tool that will migrate from Sonicwall to PAN? I am at a loss of how to go about this without building it all up from scratch.

Roshawn by L2 Linker
  • 11203 Views
  • 3 replies
  • 0 Likes

UserID - nt authority\accesso anonimo

Hi guys, EnviromentPA3020panOS 7.1.11 -- UserID agent 7.0.4 I got issue with UserID that is currently receiving identites from UserID Agent.UserID has already mapped IP address with a specific LDAP user for example "domains.it\test".Sometimes happens that UserID starting to map the same IP address with this user: "nt authority\accesso anonimo (a...

Resolved! How to configure the firewall so that all traffic goes in and out through it?

Hello, everybody. I am configuring a VM-300 Virtual Firewall on a KVM installed in CentOS. The dedicated server where the virtual firewall is installed has two network cards.One of which connects to the Internet and the other with which it connects to a switch to which other servers are connected. My intention is for all incoming and outgoing tr...

DRAW.png
javihere by L1 Bithead
  • 2586 Views
  • 1 replies
  • 0 Likes

Resolved! Adding address objects and tagging them via CLI.

In my network we tag certain IP addresses for various reasons on our Palo Alto's. Sometimes we will get a large batch of these that need to be done and manually creating an address object and then tagging it via the GUi can be time consuming (to say the least). I'm wondering if there is a way to add these object groups and tag them via the CLI. ...

Logging events from Panorama to SIEM?

What methods are available for sending events from a distributed palo alto deployment which have been aggregated in panorama...to a syslog server or SIEM product? I know how to send events directly from a firewall but would hate for all my remote locations to have to send the logs twice, once to panorama and a second time to the SIEM.In panoram...

MineMeld Service's Not starting after installation

Hello Discussion Board, I am installing MineMeld in ESX 6. VM was built with trusty-server-cloudimg-amd64.ova and has minemeld-cloud-init-0.9.10-1build1.iso connected to the CD/DVD drive. Every time I reboot the server minemeld does not start and the system says there are 2 available packages that can be updated. I added a screenshot of...

qos

Hi,What are the differnces between cisco qos and pa qos Thanks

simsim by L4 Transporter
  • 2345 Views
  • 1 replies
  • 0 Likes

Resolved! site-to-site VPN / no "IKE Info"

Hey, We have a couple of VPN's which have just been transitioned to the PA firewall. Under network > ipsec tunnels > the VPN status shows as up, but the "IKE info" shows as down, with no info. If I run: "show vpn ike-sa detail gateway" there is nothing listed. If I run "test vpn ipsec-sa tunnel" it brings it up and shows IKE Phase1 SA:Coo...

SARowe_NZ by L3 Networker
  • 10964 Views
  • 3 replies
  • 0 Likes

Resolved! QoS issues on dual-ISP setup with differing circuit speeds.

Hi- We have dual connections and have our Palo Alto set up similar to described in this article: https://live.paloaltonetworks.com/t5/Configuration-Articles/How-to-Configure-a-Palo-Alto-Networks-Firewall-with-Dual-ISPs/ta-p/59774 Our primary connection is 100Mbps whilst 2nd is only 10Mbps. Presumably this should involve 2 QoS profiles, one with ...

  • 24396 Posts
  • 123 Subscriptions
Top Solution Authors
Labels