General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

How to check GlobalProtect IP Pool

While troubleshooting a user's inability to connect to GlobalProtect, I wanted to verify there were IPs available.  However, the IP pool did not appear under the DHCP servers.  How can I check to make sure there are IPs available within the IP pool t

...

breedend by L1 Bithead
  • 3118 Views
  • 1 replies
  • 0 Likes

PA syslogs and change logs

Is it possible to send the syslogs for only the system changes from the pa to solarwinds?  How to you configure the PA to send the change logs to solarwinds?

jdprovine by L4 Transporter
  • 3023 Views
  • 21 replies
  • 0 Likes

Decryption issues with certificate.

This is a new deployment and testing decryption. I have generated a self signed cert from the firewall and imported it into the local trusted root authority store on my computer.

 

If I try to go to a site that is encrypted (eg https://www.google.ca

...

Andrew.C by L0 Member
  • 1143 Views
  • 2 replies
  • 0 Likes

Captive Portal Customization and Device Detection

I have been tasked with modifying our Captive Portal, from Palo Alto, that current users see when they connect to our guest Wi-Fi here at the Upper Canada District School Board. I have read most of the documentation related to the captive portal and

...

dcletech by Not applicable
  • 1092 Views
  • 1 replies
  • 0 Likes

SSL / Outlook Web Access not identified by App-ID

I have a customer that is using a PA-5020, and when users try to go to certain Outlook Web Access sites, it won't work for them.  Checking the logs, I can see where the user initiates a connection over port 443 to the destination OWA server, but App-

...

OSPF through Vwire

I attempted to install a PA5060 between a Cisco ASA and Cisco Nexus switch in vwire mode. the ASA has an OSPF neighbor with the nexus 7k to distribute the defualt route learned via BGP from the ISP.

 

Once the 5060 was installed, the OSPF neigbor cam

...

Global Protect Speeds?

Hi, realtively new to PAN, and have some questions related to Global Protect speeds.

I have a win 7 x64 client connected to a gateway on my 3020. 

From the client to the internet over 30mbs of bw

From the PA3020 VPN interface to the itnernet 20mbs of

...

NeilR by L2 Linker
  • 3019 Views
  • 3 replies
  • 0 Likes

Panorama Access Domain Admins - Not functioning 7.0.3

Currently we have been working with setting up Access Domain accounts for our server admins to have restricted RO access to traffic logs and policy rules. The configuration appears sound but all testing using either local or radius/ldap auth accounts

...

login-error.jpg

Resolved! Upgrading Panorama and Firewalls to 7.0.3

Hey All,

I have some questions regarding the upgrade of Panorama and firewalls to version 7.0.3. I am looking to upgrade both fairly soon, and want to avoid any gotchas. My environment currently has Panorama at 6.1.4 and all firewalls at 6.1.4 or 6.1

...

Resolved! VPN IPSec / SSL

Hello,

i have the problem with understanding How my VPN works.

 

I have created one portal and gateway for all users profile and I generate for all of them unique certifcate.

 

When i look in to Remote Users table I see that some of users uses SSL an

...

ITBT by L1 Bithead
  • 1858 Views
  • 1 replies
  • 0 Likes

Does Palo Alto support Reverse Route injection?

As title, does Palo Alto support something like CISCO "Reverse Route injection" which can inject a /32 route to the campus network for a dial-in user? Or can I create a /24 loopback interface for VPN users and redistribute the /24 to campus network?

...

Top Solution Authors
Top Liked Authors