General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 1187 Views
  • 0 replies
  • 0 Likes

PA-200 Pan OS 5 12 **anyone with a config file?**

I've about ripped out enough hairs no matter what config or method or video i try my setup doesnt work. I know its a check box or something.

 

I just want a basic/simple config

 

 

I'd like all ports 2/3/4 usable on same subnet with nat/dhcp

port 1.1 as wa

...

Resolved! Using PA-200 for home internet router?

Hello folks,

 

I recently bought a used PA-200 software version 6.1.4 for learning and testing purposes. 

I replace my home Linksys with the PA-200 following this article to configure.

https://live.paloaltonetworks.com/t5/Configuration-Articles/Setting-U

...

OMatlock by L4 Transporter
  • 8542 Views
  • 9 replies
  • 0 Likes

Application & URL Filtering/ Blocking

Hi

 

 

I've been this question, and I'd assume we'd need to block under both but I just want to make sure.

 

If we block a URL e.g dropbox, does this block the application as well or do we need to double up and also block the application itself under file

...

Mlangley by L0 Member
  • 2221 Views
  • 2 replies
  • 0 Likes

DUAL ISP Failover Single VR

I have a situation below and I need to be able to configure failover, seeking some guidance.

 

Basically I have

 

SG3 (two ISP's in the same VR)

ISP1 (eth1/7)

--------------> WAN-VR2

ISP2 (eth1/8)

 

Then I have a whole bunch of other sub interfaces on the LAN

...

mali77 by L1 Bithead
  • 6366 Views
  • 6 replies
  • 0 Likes

update.newinfoclientstack.com

I looked in the threat database and PA classifies this URL Inbox  update.newinfoclientstack.com as maleware. Is there a way to know if this is covered by the threat prevention subscription? There were no details in how to deal with it in the database

...

jdprovine by L4 Transporter
  • 2412 Views
  • 4 replies
  • 0 Likes

Resolved! Quickest way to add and manage Azure / AWS address group

Hi All, 

 

New to PA here - What is the quickest and most efficient way to Add / Delete / Manage large lists of IP addresses and subnets such as ones that belong to AWS or Azure?

 

I would like to create an Address Group and add in all Azure or AWS IP /

...

Resolved! IPSEC VPN ECMP - Issue

Dear Collegues,

 

Let imagine the following situation:

 

PA Firewall connected to two ISP, e1/1 - 1.1.1.1 and e1/4 - 2.2.2.2.

Default virtual router with ECMP configured with weights e1/1-50 and e1/4-50.

 

IPSEC tunnel configured to the remote site, IKE Gat

...

Resolved! Active/Active failback

Hi,

We are looking at deploying an A/A L3 cluster with dynamic routing (has to be A/A to satisfy requirements of the existing setup). We've pinned all the routing preferences and floating IP priorities to 'unit A'. We are new A/A so any help with the

...

APP-ID and HIgh Port range

Is ther a range of tcp/udp ports that do not have a APP-ID in appipedia? I ask b/c as we are migrationg over 10k rules we are aware not all of them will have PA app-id assoicated so we are trying to filter out those ports and jsut curious is there a

...

Resolved! Enabling a Systems Maintenance page for systems at the PA?

Hi folks,

 

We have a public IP that NATs to an internal Barracuda Load Balancer VIP that represents several sites, content rules, etc.

I am being asked if we could temporarily change the NAT translation at the firewall to redirect to a maintenance page

...

OMatlock by L4 Transporter
  • 2435 Views
  • 2 replies
  • 0 Likes

Resolved! PAN 7.1.9 aes-256-cbc vs PAN 6.1.10 aes256

I need to move a tunnel from a PAN with 6.1.10. The tunnel today uses aes256 for IPSec crypto and for IKE. The tunnel established fine to our biz partner.

 

In configuring the tunnel on the other PAN with 7.1.9 I notice that my options are aes-256-cbc

...

palomed by L3 Networker
  • 2217 Views
  • 1 replies
  • 0 Likes

Resolved! Configuring destination NAT with DHCP public IP

I only get a dynamic public IP from the ISP on the outside interface of the PAN box. I'd like to configure Destination NAT to use the single public IP for number of servers running inside network on different ports. I've followed the documentation on

...

PAA at Jul 11 16-22-22.png

S2S VPN Between PA and Cisco ASA

Hello! 

 

I've spent the last 2 days trying to get an IPSec tunnel working between a PAN 200 and Cisco ASA5505 but all my attempts have failed. I am not sure what the issue is and would reall appreciate any assistance to point me in the right direction

...

  • 24171 Posts
  • 117 Subscriptions
Top Solution Authors
Top Liked Authors
Labels