General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! How VPN test commands work

What happens behind the scenes when you run..

 

test vpn ike-sa gateway <name>

 

or

 

test vpn ipsec-sa tunnel <name>

 

Is there a debug which will show you the test packets sent/received?

 

palomed by L3 Networker
  • 4334 Views
  • 2 replies
  • 0 Likes

Vpn site to site encryption

Hi All,

 

i have two different firewalls and need to establish site to site vpn

 

IKE Phase 1 : Encryptin will be AES-256 CBC and the other peer have only AES-256 without CBC

 

is it gonna work ?  or it will fail

Panorama Cert Expiring

I've been finding it more difficult to take time away from daily work tasks to review the happenings on the community.  That said I just reviewed the release notes for 7.1.9 and saw the impending cert expiration.

 

While the "sticky" thread is a good i

...

User-id with RDP users

hi,

 

am having an issue with user-id for users login to servers over RDP, what happens is when user1 login to serverA over RDP and then user2 login to serverA user2 will get the policy of user1.

 

on PAN when i run the command ( show user-id-mapping ip

...

Resolved! Simple two PC ping test setup with PA200?

Hi folks,

 

I want to setup a simple two PCs connected to PA200 so that I may practice a ping test and packet capture.

PC#1 - IP address 192.168.1.2 - connected to interface 1/1

PC#2 - IP address 192.168.2.2 - connected to interface 1/3.

 

I can not get my

...

ping3.jpg
ping2.jpg
OMatlock by L4 Transporter
  • 3933 Views
  • 8 replies
  • 0 Likes

Resolved! Settings inheritance thru Template-Stack ?

If I have two devices in the same Template-Stack, will member template enforce same setting on both devices including i.e. same L3 addresses ? This is what I want to avoid

niuk by L3 Networker
  • 4542 Views
  • 3 replies
  • 0 Likes

Why can not see the file name in Data Filtering Log?

Hello,

 

I configure the File blocking in policy, most of the files I can see the file type, but can not see the file name in Data Filtering Log.

Do any one know why the issue happen? I have been searching the KB but didn't see any release information.

M

...

2017-03-31_113834.jpg
VivianLu by L0 Member
  • 1471 Views
  • 0 replies
  • 0 Likes

How to IPSec over GRE with dynamic routing

I saw a document on how to configure VTI tunnel with OSPF. But that is for PAN-OS 4.1. Does anybody know if PAN-OS 7.1 supports GRE tunnel? I need to configure IPSec over GRE on the Palo Alto to talk to a Cisco router. Thanks

jac101 by L2 Linker
  • 3352 Views
  • 2 replies
  • 0 Likes

Resolved! Viewing offloaded sessions in CLI

System is a PA-3050 running SW version 7.1.7

 

Does the CLI still show the "Offload: yes" output in 'show session id <session-id-#>' for this version of software?

 

I recall seeing this flag for certain sessions in prior versions. Lately I have been trou

...

Resolved! Monitor tab empty

PANOS 8.0.0

Definitely forwarding and policies working.

But monitor tab simply empty.. restart did nothing.

?

mpgioia by L3 Networker
  • 6088 Views
  • 14 replies
  • 0 Likes

help with NAT

hello im wondering if anyone can help a PAFW newbie with configuring some nat that i am trying to pass through.  i dont know how my security & nat rules should look but this is what i have configured:

 

security rule: source zone (untrust) source addre

...

bwfreas by L1 Bithead
  • 2014 Views
  • 3 replies
  • 0 Likes

Resolved! IPsec tunnel questions?

Hi folks,

 

We have several IPsec VPN tunnels for various remote firewalls connections.  One of them is changing their firewall hardware to something else next week.  Sonic firewall, I believe.

 

I've been told that they are configuring the new replaceme

...

OMatlock by L4 Transporter
  • 2515 Views
  • 5 replies
  • 0 Likes
  • 24281 Posts
  • 99 Subscriptions
Top Solution Authors
Top Liked Authors
Labels