General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question. Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

JayGolf_0-1691518400714.jpeg
JayGolf by Community Team Member
  • 2962 Views
  • 2 replies
  • 14 Likes

Resolved! Active/Active failback

Hi,

We are looking at deploying an A/A L3 cluster with dynamic routing (has to be A/A to satisfy requirements of the existing setup). We've pinned all the routing preferences and floating IP priorities to 'unit A'. We are new A/A so any help with the

...

APP-ID and HIgh Port range

Is ther a range of tcp/udp ports that do not have a APP-ID in appipedia? I ask b/c as we are migrationg over 10k rules we are aware not all of them will have PA app-id assoicated so we are trying to filter out those ports and jsut curious is there a

...

Resolved! Enabling a Systems Maintenance page for systems at the PA?

Hi folks,

 

We have a public IP that NATs to an internal Barracuda Load Balancer VIP that represents several sites, content rules, etc.

I am being asked if we could temporarily change the NAT translation at the firewall to redirect to a maintenance page

...

OMatlock by L4 Transporter
  • 1826 Views
  • 2 replies
  • 0 Likes

Resolved! PAN 7.1.9 aes-256-cbc vs PAN 6.1.10 aes256

I need to move a tunnel from a PAN with 6.1.10. The tunnel today uses aes256 for IPSec crypto and for IKE. The tunnel established fine to our biz partner.

 

In configuring the tunnel on the other PAN with 7.1.9 I notice that my options are aes-256-cbc

...

palomed by L3 Networker
  • 1683 Views
  • 1 replies
  • 0 Likes

Resolved! Configuring destination NAT with DHCP public IP

I only get a dynamic public IP from the ISP on the outside interface of the PAN box. I'd like to configure Destination NAT to use the single public IP for number of servers running inside network on different ports. I've followed the documentation on

...

PAA at Jul 11 16-22-22.png

S2S VPN Between PA and Cisco ASA

Hello! 

 

I've spent the last 2 days trying to get an IPSec tunnel working between a PAN 200 and Cisco ASA5505 but all my attempts have failed. I am not sure what the issue is and would reall appreciate any assistance to point me in the right direction

...

Problems with Traps conditions after update

Hi all,

 

One of our resellers has reported a problem to us. A condition, configured in a Traps environment, is not working anymore after they updated from version 4.0.0.24417 to 4.0.1.25216. Is there something known about this problem?

 

This is the con

...

Condition.jpg

Blocking apps

Hi

 

At the moment what is most annoying is the blocking external emails, for example, Gmail, depending on which browser you open appears as "gmail", as "ssl" or as quic. We have configured a block list for that, the problem is that users are starting

...

Recorded Future 401 access error

Hello,

I am currently in the process of moving our threat feeds into Minemeld.

 

One of our providers is Recorded Future, which i have enabled as a node, and set the API access key.

 

when i go to run a the mode, it gives me a 401 client Error: Unauthoriz

...

JonasE by L1 Bithead
  • 5632 Views
  • 5 replies
  • 0 Likes

Resolved! Per-User URL Filtering Process

Can someone give me a break down of what the process flow is like?  For example, Is a lookup done for the user then an IP mapping happens?  Are the user-ip mappings being used for the decision in the filtering process?

 

The reason I ask is that I have

...

Best Practices for Site-to-Site IP/Interfaces?

Hi all,

 

I've currently got a site-to-site VPN tunnel already configured for one of our cloud services but we've got a request to add another service from another provider.  Our current config has a single floating IP address with the associated tunne

...

jsalmans by L4 Transporter
  • 4442 Views
  • 10 replies
  • 0 Likes
  • 24037 Posts
  • 99 Subscriptions
Top Solution Authors
Top Liked Authors