General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! Adding Address object through the CLI

Hello,

 

We use O365 and on what seems like a weekly basis they multiple  new addresses that we need to whitelist. I would be great if PAlo had an object for this that they kept up to date, but I guess they don't

 

We therefore need to add these addr

...

GC66 by L1 Bithead
  • 9222 Views
  • 3 replies
  • 0 Likes

best path to migrate from 2050 5.0.8 to 3050 6.x

We just bought a pair of 3050's to replace our 2050's. The old 2050's are running 5.0.8. (I know that's old, but it was stable and we just left it alone) I'm looking for advice on the best path to upgrade to the new 3050's. 
I've looked at the migrati

...

Sinkhole explosion

Since midday yesterday (Monday Jan 26th) we've seen an explosion in sinkhole detections.
Previous moths sees one ot two a day in average, latest 24 hrs we've had more than 16.000 detections. This started after the antivirusupdate on Monday.

When checki

...

pivvre by L2 Linker
  • 4674 Views
  • 12 replies
  • 1 Likes

Resolved! High Availability Bandwidth / Latency Requirements

Hi

 

We are about to introduce a dual site DC setip with a single Internet IP address space available across both of them.  We have a Multiple VLAN 100 Mbps fibre link between the sites and would like to split the PA-3020 pair we have running active/

...

Global Protect with self-signed certificate

Hi, 

 

We have configured GlobalProtect with a self-sign certificate working properly, but when we try to connect through global protect we always receive this advise about "this certificate is not valid...." and we have to accept it to continue. Thi

...

Resolved! Firewalls accessing Panorama: best practice

Hi,

 

I'm looking for a best practice when deploying Panorama accross multiple sites that do not really have any interconnections (and have quite a few overlapping subnets).

From what I understand, the firewalls themselves initiate the connection tow

...

Arne-VDH by L3 Networker
  • 3157 Views
  • 2 replies
  • 0 Likes

Blocking Internet Access based on User-Agent

I am currently researching a way to be able to intercept traffic from an unsupported IE browser and then be able to feed that information about the host, mainly FQDN hostname or IP address of the host into the PAN dynamically based on the user-agent:

...

Resolved! PA200 disaster recovery option...?

Hi all --

 

I curently have one PA200 with all four eth ports taken (internal/trust network, internet/untrust, dmz, voip vlan), as well as the mgmt port connected to the internal network.  I'm looking to get a disaster recovery plan in place, but, as

...

thatguy by L2 Linker
  • 2385 Views
  • 7 replies
  • 0 Likes

Resolved! Higher Management CPU post upgrade to 7.0.4

I've got a 5060 A/P pair that was running 6.1.4.

 

We are/were doing :

 

SSL forward Intercept

SSL Mirror

7 AD Group Mappings

Transparent Captive Portal

4 UIA

 

Pre-upgrade our MGMT CPU was around 20%.  Post upgrade to 7.0.4 we're 70%.  There have be

...

Failed to find PANPG virtual adapter interface

Hi all,

 

I am experiencing this issue with Global Protect : "Failed to find PANPG virtual adapter interface".

The version of GP is the latest released 2.3.3.

Version of client is Windows 8.1.

I have already tried:

 

- Uninstalled Anti-Virus

- Disabl

...

Failed to find pan PG.JPG

Configure Backup ISP

 

 

 

 

 

Not sure this is the right venue or forum to post this, but I’m looking to set up an automated failover to a backup ISP line per the attached network diagram of my environment.

 

I’m new to PAN and the PAN way of doing things so thought I’

...

PANBackupISP.png
Top Solution Authors
Top Liked Authors