General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 411 Views
  • 0 replies
  • 2 Likes

Setting Up the PA-200 for Home Setup question?

Hey folks,

 

Newbie here.    I had this going successful before, but after a factory default, not working for me for some reason. 

I've followed this helpful article before and worked on my first try, but not now for some reason.

https://live.paloaltone

...

PA13.jpg
PA7.jpg
PA1.jpg
PA2.jpg
OMatlock by L4 Transporter
  • 2226 Views
  • 4 replies
  • 1 Likes

VM-100 Virtual Wire doesn't show any sessions

 Hi guys, I'm new to PA so I hope this is not a stupid question.

 

I configured my VM-100 with two interfaces (plus manegment), the two interface were setup as Virtual Wire. I can capture traffic going through and everything works from a user perspecti

...

Hwinter by L2 Linker
  • 2796 Views
  • 5 replies
  • 0 Likes

IPv6 Point to Point prefix

Hi,

 

Trying to setup a IPv6 Point to Point link between the PAN and SRX.  Does PAN support IPv6 prefix like /127 for point to point connection?

 

(Yes I read RFC 3627 -> RFC 6164 -> RFC 6547 already)

 

Before any one starts about the IPv6 address space is

...

Cert key import

What is the best way to import a key for a globalprotect portal? I already have CA installed.

jdprovine by L4 Transporter
  • 4267 Views
  • 14 replies
  • 0 Likes

Some Applications not being submitted to wildfire

Hello

I am testing my wildfire configuration .

1- When I download wildfire test PE file  , I get an entry under Wildfire submission log & data filtering log.
2- I intend to test if copying the PE file is also caught by wildfire , so I download a new PE

...

Resolved! VPN clients IPsec vendors

Hi,

 

We realised after upgrading to 7.1.8 when we access to VPN GP using CISCO VPN CLIENT (IPsec) is not working. In previous version was working.

 

This is the error ikemgrlog:

 

 

 

2017-03-30 13:11:52 [PROTO_ERR]: isakmp_inf.c:1362:isakmp_info_recv_d():

...

Map any TACACS+ user to local account

Anyone aware of how to map TACACS+ accounts to a single local account? For instance, I have my ACS server using AD for its user database. I created a policy in ACS to allow access to the PA if they are in a certain group. When I want to give someone

...

ddaloia by L0 Member
  • 3196 Views
  • 5 replies
  • 0 Likes

Resolved! DoS Protection

How do I go about triggering and monitoring DoS Protection in 7.1.5? I cannot find anywhere in the GUI to help me with this.

How to Safely Enable/allow Skype (URL filtering)

To allow skype you need to allow next applications in security rule:

Next step you need to make URL filtering profile. Deny any categories. But allow next URLs:

mobile.pipe.aria.microsoft.com

*.microsoft.com

*.skype.com

ocsp.msocsp.com

login.live.com

auth.g

...

Снимок.PNG
Снимок.PNG

Resolved! Migrate Config between PA-500 and PA-2050

Hello,

 

we own a PA-500 Firewall but are some Versions behind in the OS. Now we want to update it but got an downtime estmiate from our local Palo-Alto vendor from 8 hours. (From Version 5 to  Since we have some 24/7 Callcenters in house that's not a

...

lenmar by L1 Bithead
  • 3827 Views
  • 7 replies
  • 0 Likes

Resolved! OCSP is incorrectly spelled OSCP in the documentation

C'mon guys, really?

 

https://www.paloaltonetworks.com/documentation/80/globalprotect/globalprotect-admin-guide/authentication/deploy-shared-client-certificates-for-authentication

 

https://www.paloaltonetworks.com/documentation/80/globalprotect/globalpr

...

DFrauzel by L0 Member
  • 3326 Views
  • 6 replies
  • 0 Likes

Qos profile

 

Hi ,

 

In the above  which class will get high priority ?

 

Thanks

traffice.JPG
sib2017 by L4 Transporter
  • 7009 Views
  • 13 replies
  • 0 Likes

Considering Buying Palo Alto 800 Series

Hi All,

 

I would like to request assistance from anyone who has had experience with different firewall vendors and currently is a Palo Alto firewall user as I'm not a firewall expert whatsoever.

 

I'm considering buying a Palo Alto 850 Series firewall o

...

Techlove by L0 Member
  • 2627 Views
  • 2 replies
  • 0 Likes

GP upgrade beyond 2.2.x

Hi,

 

I'm running GlobalProtect 2.2.1 on PANOS 7.0.7. I'm preparing to upgrade to 2.3 (and beyond) to finally support some newer client devices. This caveat in the 2.3 release notes made me pause:

 

 

If your GlobalProtect 2.2 or earlier release configura...

gateway.png
blankprofile.png
portal.png
portalagent.png
MCmgt by L2 Linker
  • 3219 Views
  • 6 replies
  • 0 Likes
  • 23695 Posts
  • 110 Subscriptions
Top Solution Authors
Labels