General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 436 Views
  • 0 replies
  • 2 Likes

Best practice for setting up address groups

Hi

 

Newbie to PA.

 

I want to create a address group dynamic (think that might be best.  made up from a group of network addresses in each DC.

 

So for example if I have 3 DC

 

dc1 - 10.1.0.0/16

dc2 - 10.2.0.0/16

dc3 - 10.3.0.0/16

 

I could tag them with "dc_ne

...

IKE Phase 1 Timeout

IKE is failing to negoriate phase 1.  I get this timeout and then a delete. Any thoughts on the possible cause? I'm thinking

the peer is perhaps not permitting the traffic from this device perhaps at a security device in front of their tunneling firew

...

palomed by L3 Networker
  • 9347 Views
  • 8 replies
  • 0 Likes

Adding Multiple Individual IP addresses at one time.

In our environment we use tags on individual IP addresses for a few different things and then have policies in place to take those actions based on those tags.

 

Sometimes we have requests come in with a lot of indivudla IP addresses that we have to ad

...

permitir videos en vimeo.com

estimados, alguien que pueda ayudarme a permitir el acceso a vimeo.com ? al intentar ingresar a esta pagina me aparece un error de certificado ssl:

Este sitio no puede proporcionar una conexión segura

vimeo.com envió una respuesta no válida.

 

  • Intenta ej
...

iph1->ivm == NULL

Dears,

 

Since two days i am getting this message "iph1->ivm == NULL"  and all VPN with ASA on the other side is facing iKE Phase 1 time out

 

 

pan1.PNG
Ammar by L2 Linker
  • 2922 Views
  • 5 replies
  • 0 Likes

Best practice with defining Zones - how many is too many

Hi

 

So I have 3 locations (DC), Internet access , Vendor access, environment (Prod, Uat etc) and user and support users and dmz and ...

 

should each of these be a zone ???  I am thinking not, after have a bit of a play, you can't make dynamic zones fro

...

Resolved! NAT and OSPF

Hi

 

I have a PA-3060 (A-A).

 

I have a NAT lests say 

 

1.1.1.1: 443 -> 192.168.10.10:10000

 

now the PA is part of an OSPF network, how to I publish out the address 1.1.1.1

 

I was thinking of adding 1.1.1.1 to a loopback and adding to a virtual router and t

...

Upgrade to 8.0.2 bricked my PA500

So am I the lucky one to have what should have been a simple upgrade brick the firewall?

Was running 7.1.7, normal download and install 8.0.2

Firewall came up with the yellow status light.

Was able at that point to login to gui.

Found this little darling

...

gefuchs by L1 Bithead
  • 4547 Views
  • 8 replies
  • 0 Likes

Resolved! Dynamic Updates on PA-200

I have a PA-200 that is configured to check for updates every half hour aprox. The thing is that Antivirus, Aplications and Threats are not installed as scheduled!!!

 

When I log in to check, the check to Internet is done, but the package is not downlo

...

Two-Factor authentication failures

Hi, we have a few clients using GlobalProtect as VPN (various versions), some are authenticating using 2FA, using SecurEnvoy as a RADIUS server.

 

What we're seeing is as follows - the user has an authenticated VPN connection, then their network connec

...

A.Mellor by L0 Member
  • 3007 Views
  • 1 replies
  • 0 Likes

Resolved! Non-interruptive Panorama device migration

Hello!

Is there any way to perform migration of local configured firewall to panorama management without service interruption?

For example:
I use Panorama 7.0
There is configured PA-5060 6.1.5 HA-cluster that I need to migrate to centralized Panorama Man

...

Minemeld - Cannot create new Miner Node

Heya All,

 

I've been testing out minemeld and have it a bit of a brick wall.. When I attempt to create a new miner node via CONFIG > NEW, it completes successfully but the node cannot be found listed under nodes so I cannot add it as an input to the

...

Resolved! Filter items from source feed

One of the feeds I would like to import is the alienvault feed.  However, I only want a subset of the IPs listed.  I have tried using a regex with a transform to limit the results, but the miner is still showing an indicator count of 54,000.

 

I clon

...

deanm by L2 Linker
  • 8466 Views
  • 11 replies
  • 0 Likes
  • 23699 Posts
  • 110 Subscriptions
Top Solution Authors
Labels