This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Recommened PAN-OS as of April 2017 (Q2)

What PAN-OS are people running these days? I am currently 7.0.8 and it is time for the care-and-feeding of the firewall code at my company. I am looking at upgrading to 7.1.8 (but 7.1.9 just came out today). I do not use any SSL Decryption features. Primarily firewalling, IPSEC tunnels and GlobalProtect.

rpugh1 by L0 Member
  • 2854 Views
  • 3 replies
  • 0 Likes

Resolved! BGP filtering question

Hi Quick question, pretty sure I know the answer. But I want to redistribute some of the OSPF routes I have into BGP.So I create a redist profile, say the source is OSPF then I can use the BGP export filtering to stop what I don't want out. So lets say I have in my ospf table 10.10.10.0/2410.10.20.0/2410.10.30.0/24 1.1.1.50/32 1.1.1.51/32 1.1.1....

Proxy ARP

Hi I have a 5220 in the DC and a 850 in the officeOn the 5220 I have an interface onto network 2.7.3.0/24On the 850 I have a NAT for 2.7.3.129/32the 5220 get this via OSPFHow can I make the 5220 response on the interface 2.7.3.0/24 for arp requests for 2.7.3.129Do I have to setup a 1-to-1 NAT on the 5220 so destination nat of 2.7.3.129 to 2.7.3....

How does one create an output filter to exclude IPv4 indicators in a CIDR range?

I have various miners. Various miners are connected to various aggregators which are inturn connected in various ways to different types of output. Some of these miners receive RFC1918 IPv4 indicators. These are aggregated and send to outputs. I'm attempted to have one output which will contain these RFC1918 addresses while another does ...

EdwinD by L3 Networker
  • 7692 Views
  • 5 replies
  • 0 Likes

OSPF and Cisco Routers

Greetings all, I was doing some Core routing work during an outage this last week and ran into a repeat of some issues we had when we initially put our PAN boxes in to place. The original scenario: A subinterface existed on the Palo Alto with the tagging set for a point-to-point vlanThat vlan connected the Palo Alto directly to a Cisco 4500-X V...

jsalmans by L4 Transporter
  • 6938 Views
  • 2 replies
  • 0 Likes

Resolved! NAT Security rule

I'm used to working on Cisco ASA and I'm having a hard time understanding why the security rule states Untrust-L3 for both the source and destination zone. Typically wouldn't that be Untrust-L3 to DMZ? Is there a specific reason for this behavior?

Screen Shot 2018-01-06 at 6.57.18 PM.png
Glitchen by L0 Member
  • 2982 Views
  • 2 replies
  • 0 Likes

DNS proxy not working

Hello, We are currently getting resolve-fail events for DNS. Failed to resolve domain name: after trying all attempts to name server(s): 8.8.8.8 8.8.4.4DNS server is in loopback.2 Interface/Untrust/IP:203.44.x.x Below are some pics of DNS proxy settings, session details. Can someone please shed some light what are we missing?

sessiondetails.jpg
DNS Proxy.jpg
Farzana by L4 Transporter
  • 5917 Views
  • 3 replies
  • 0 Likes

A Fall/Autumn Question: What is your favorite Palo Alto Networks feature?

A wrap of our summer question leads into fall or autumn, as your preference may be, wherein we ask: What is your favorite Palo Alto Networks feature? Did it help solve a problem you were facing? As a former support engineer, I always like to hear when customers arrive at that a-ha moment of understanding or discovery, when the firewall does ...

jdelio by L7 Applicator
  • 20707 Views
  • 25 replies
  • 3 Likes

Outlook and Global Protect

In the past when our users disconnected Global Protect, Outlook would disconnect immediately. Seems like this no longer the case. When GP is disconnected Outlook continues to work. I'm wondering if anyone has every eperience this before? Thanks

berket13 by L0 Member
  • 3562 Views
  • 4 replies
  • 0 Likes

Resolved! Expressway-E and C and NAT and VW

Hi, I have deployed Expressway (cisco ToIP) E and C as per the diagram below .PA is in VW mode .Does it work without any changes in the PA ? Or Is there any policy must be created ? Thanks

PA.png
simsim by L4 Transporter
  • 3062 Views
  • 1 replies
  • 0 Likes
  • 24381 Posts
  • 123 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks