General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

VPN Palo Alto - Microsoft Azure. Slow transfer. Not reaching internet by this tunnel.

Hello, We are having a annoying issue :S We have configured a tunnel routed-based between PA (7.0.6) to Microsof azure. The tunnel is up but we are detecting several problems. 1) The transfer speeds are very low, fluctuate and are nothing stable: When we try to move a file using this tunel from Azure to one of our servers in PA, the transfe...

URL Filtering response pages never appear

Hi, My URL filtering response pages never appear, even the default ones.Is there anything to do to activate them ? I always have the "This site can’t be reached" message with a connection reset. Thanks

PorZik by L0 Member
  • 8350 Views
  • 4 replies
  • 0 Likes

Syslog miner not recieving the syslog messages

HI All, I have used the below link to configure Syslog miner, but metrics are not showing up in stats. https://live.paloaltonetworks.com/t5/MineMeld-Articles/Using-the-syslog-Miner/ta-p/77262 I have tried to troubleshoot using following discussion but no luck https://live.paloaltonetworks.com/t5/MineMeld-Discussions/Mine-s-not-working/m-p/1...

syslog miner node.png
stats.png
rsyslog_config.png
rsyslog-logs.png

Clear Config on new Palo

Good Morning. Is there an easy way to clear out all configuration settings on a new Palo without having to go through the CLI to clear each item individually, or doing the same in the GUI? It is time-consuming to have to go in and delete the default Vwire, zones, and everything else that comes with a new appliance. Better yet, is it possible to ...

NAT very slow

PA-3020 Software Version 8.0.4I have several policies U-Turn Nat and Destination Address Translation in the DMZThree times a day the acces to these Policies becomes very slowIf I send a ping to one of these servers the time is very large the 1000 to 2000 ms approximately, butthe internet service continues to work in a normal wayWhen this happens...

Resolved! PA-VM-300 refuse to boot because master key expired.

Hi all, today i found my PA-VM-300 in maintenance mode, refusing to boot. Maitenance Entry Reason:Cryptod failure. Caused by: Master key expired.This firewall is a backup of our production firewall, in our Disaster Recovery Plan, in addition to VMware SRM.I use the API to push the production configuration to this firewall. In order to allow the ...

2017-08-16_171551.jpg

Virtual Panorama for Log viewing only

Hi all, I hope someone already did something like that to answer my question 😛 We have a virtual Panorama on PAN-OS 8 with a local log collector. On this panorama we manage differdnt firewalls and also store the logs of these firewalls. This panorama is in a secure zone where we ONLY allow acces for firewall administrators.So far so good. Now w...

Remo by L7 Applicator
  • 2178 Views
  • 2 replies
  • 0 Likes

sync issues

My HA pair went into split brain so I rebooted the secondary and now they will not sync

jdprovine by L4 Transporter
  • 4023 Views
  • 7 replies
  • 0 Likes

site 2 site with Meraki NAT'd behind ISP router??

We have a remote site connected behind ISP router and Meraki receives 192.168.X.X IP from it, and all networks locally are connected further to Meraki. The main site has public IP directly on the firewall. Not sure how to make configuration work.

raji_toor by L4 Transporter
  • 8206 Views
  • 7 replies
  • 0 Likes

Resolved! Issues with netflow.

We are having issues getting our information from our PaloAlto 5020's. It looks like it is sending but we do not have any chartable information on either of our netflow servers. We are using Solarwinds Netflow Traffic Analyzer as well as What's up gold flow analyzer. Palo Alto says that I have setup the server profile and applied it to the in...

Best Solution for New Design

Dears,first time for me write in PaloAlto forum I hope to find my answer here. first, we have purchased PaloAlto 3020, and need the best design for the network securityز My network content "1" switch L3 and "2" switches L2 and we have VLANs for users and voice and guest and printers and also we have WIFI for staff and WIFI for the guest and ev...

MOsama by L1 Bithead
  • 2115 Views
  • 1 replies
  • 0 Likes

(DUP!) when pinging from the firewall

Hi guys, Strange issue here which I'm hopeing to get resolved. I was SSH'ed into the our PA VM-100 today and happened to run the command >ping host 8.8.8.8. This resulted in 100% (DUP!) replies on the ICMP replies. However, when I specify the source and host I dont get this issue. Any ideas why this could be happening? Thanks

Resolved! Panorama configuration logs

When making changes to firewalls through panorama, there is a history of those changes made. When you go to the dashboard there is a widget that shows the last handful of config changes, so I know they are there. Where in panorama can I go to view the history of that log? There is no "configuration" section under the monitor tab like there is...

Resolved! Proxy-ID Error message for GlobalProtect Client

We have configured a GlobalProtect Gateway to service clients using both the GP Agent and X-Auth parameters with 3rd Party Clients. We have been receiving the following error messages:'IKE phase-2 negotiation failed when processing proxy ID. cannot find matching phase-2 tunnel for received proxy ID. received local id: 10.0.0.0/8 type IPv4_subnet...

  • 24395 Posts
  • 123 Subscriptions
Top Solution Authors
Labels