This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Content translations are temporarily unavailable due to site maintenance. We apologize for any inconvenience. Visit our blog to learn more.

General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 492 Views
  • 0 replies
  • 2 Likes

User-ID client device specific

Hi All,

 

I'm trying to figure out a work around to a user-id issue I'm having.  We're currently running Novell Open Enterprise Server as our back end identity store.  I have the User-ID agent installed on a windows box and communicating via ldap to my

...

ICarder by L1 Bithead
  • 2953 Views
  • 4 replies
  • 0 Likes

Trouble with IPSec-SA

The partner company requires that I translate all packets to them so they appear to come from one public IP address. In monitoring on the PAN I can see that the packet passes and the source address is translated. The problem is that the tunnel is not

...

palomed by L3 Networker
  • 3734 Views
  • 2 replies
  • 0 Likes

Resolved! Migration path from PA-2020 to PA-820

What is the correct way to migrate from a PA 2020 at PANOS currently at 6.1.16 (plan on upgrading to 7.0.14; the highest version show up in the avaliable releases) to a PA 820 at PANOS 8.0?  

 

 

itoffice by L0 Member
  • 5673 Views
  • 8 replies
  • 0 Likes

Resolved! How VPN test commands work

What happens behind the scenes when you run..

 

test vpn ike-sa gateway <name>

 

or

 

test vpn ipsec-sa tunnel <name>

 

Is there a debug which will show you the test packets sent/received?

 

palomed by L3 Networker
  • 5320 Views
  • 2 replies
  • 0 Likes

Vpn site to site encryption

Hi All,

 

i have two different firewalls and need to establish site to site vpn

 

IKE Phase 1 : Encryptin will be AES-256 CBC and the other peer have only AES-256 without CBC

 

is it gonna work ?  or it will fail

Panorama Cert Expiring

I've been finding it more difficult to take time away from daily work tasks to review the happenings on the community.  That said I just reviewed the release notes for 7.1.9 and saw the impending cert expiration.

 

While the "sticky" thread is a good i

...

User-id with RDP users

hi,

 

am having an issue with user-id for users login to servers over RDP, what happens is when user1 login to serverA over RDP and then user2 login to serverA user2 will get the policy of user1.

 

on PAN when i run the command ( show user-id-mapping ip

...

Resolved! Simple two PC ping test setup with PA200?

Hi folks,

 

I want to setup a simple two PCs connected to PA200 so that I may practice a ping test and packet capture.

PC#1 - IP address 192.168.1.2 - connected to interface 1/1

PC#2 - IP address 192.168.2.2 - connected to interface 1/3.

 

I can not get my

...

ping3.jpg
ping2.jpg
OMatlock by L4 Transporter
  • 4673 Views
  • 8 replies
  • 0 Likes

Resolved! Settings inheritance thru Template-Stack ?

If I have two devices in the same Template-Stack, will member template enforce same setting on both devices including i.e. same L3 addresses ? This is what I want to avoid

niuk by L3 Networker
  • 4918 Views
  • 3 replies
  • 0 Likes

How to IPSec over GRE with dynamic routing

I saw a document on how to configure VTI tunnel with OSPF. But that is for PAN-OS 4.1. Does anybody know if PAN-OS 7.1 supports GRE tunnel? I need to configure IPSec over GRE on the Palo Alto to talk to a Cisco router. Thanks

jac101 by L2 Linker
  • 3764 Views
  • 2 replies
  • 0 Likes

Resolved! Viewing offloaded sessions in CLI

System is a PA-3050 running SW version 7.1.7

 

Does the CLI still show the "Offload: yes" output in 'show session id <session-id-#>' for this version of software?

 

I recall seeing this flag for certain sessions in prior versions. Lately I have been trou

...

  • 23717 Posts
  • 110 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2025 - Palo Alto Networks