General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 221 Views
  • 0 replies
  • 0 Likes

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 900 Views
  • 0 replies
  • 0 Likes

Setting up Policy to allow all access to a squid proxy

Hi

 

Still a beginer with the PA.

 

I have a universal rule that allows from 

any zone 

my internal ip address

 

to 

ip address group that has by proxy addresses in it.

 

For applicaiton I have 

http-proxy - this covers a lot of ports

default urls

 

 

from my test  

...

Double NAT

Hi!
we have a couple of customer who use paloalto firewalls. We have always problem to connect two accesses through NAT via paloalto. We usually use cisco meraki and the communicate on the higher port numbers. It always work when we have one site that

...

majo44 by L0 Member
  • 2605 Views
  • 1 replies
  • 0 Likes

Scripting

Who can provide me with a from scratch python script to create a new firewall rule? Im not looking to use pandevice or any of Palo Alto modules on github (my compnay will not allow us it import and use it.) Looking of a script that doesn't use pandev

...

PA-500 SSL decryption decrypt-error session end

I apologize of this is a dumb question as I know that some sites will have decyrption issues, but is it normal to have a lot of traffic log entries with decrypt-error as the session end reason?

 

None of our users are complaining that they can't get to

...

gwosad by L0 Member
  • 4116 Views
  • 4 replies
  • 0 Likes

GP for many external clients

Does anyone have a good solution/setup for providing external clients with VPN access?  Not regular users/company employees.

 

We need to be able to provide these external clients access to different resources internally. IE webpages, server access usi

...

Resolved! Seperate URL categories for free and paid web hosting?

Hi,

 

We are seeing an influx of phishing mails trying to send users to sites hosted with free web hosting services.

 

On of the things we've done to combat phishing is blocking access to unknown domains, but every subdomain of a free web hosting provide

...

as-mg by L3 Networker
  • 2173 Views
  • 1 replies
  • 0 Likes

Resolved! malicious domain

Hi,

What is the benefit if we use sinkhole instead of just blocking malicious domain resolving

Thanks

simsim by L4 Transporter
  • 3846 Views
  • 5 replies
  • 0 Likes

Firewalls in HA, how bring them in Panorama

Hello I have a HA Active/Passive pair of Firwealls in 7.0.5 and Panorama 7.1.9

I need to import configuration into Panorama. The process below is not clear if I need to do that for both firewalls

https://live.paloaltonetworks.com/t5/Management-Articles

...

Kaliman by L2 Linker
  • 1810 Views
  • 1 replies
  • 0 Likes

Resolved! Issues with GlobalProtect on Windows 10 1703

Hi,

 

I recently had a collegue who installed Windows 10 1703, also called the Creators Update.

After the update GlobalProtect appears to be able to connect to the gatway, but it fails to retrieve an IP address and DNS servers from the firewall.

 

Have an

...

as-mg by L3 Networker
  • 6491 Views
  • 6 replies
  • 0 Likes

WannaCry - how to protect our system with help from PANOS?

Hello

 

Is it a way to help protect our Windows systems from attacs from internet/lans using url protection (or other technics)?

 

According to https://mobile.twitter.com/msuiche/status/863284743940575232 it's using hardcoded url so it could be possible.

...

_slv_ by L4 Transporter
  • 6870 Views
  • 14 replies
  • 0 Likes

GP-AD user password expiry

When setting up a Global policy object for a Paloalto globalprotect user/group , the maxpwdage attribute does not match the, the password expiry date sent for Paloalto user, This can be confusing to know when the password actually going to expire for

...

pwdpilicy.PNG
pwdexpiry.jpg
pwdlastset1.jpg

GP Error( 51): Driver is not installed, reinstall it now!

Hi,

 

Related to this issue here however the error code is different, Link here

 

Upon checking the logs:

(T5392) 05/15/17 10:55:32:387 Error(  51): Driver is not installed, reinstall it now!

 

05/15/17 10:55:27[Info   297]: Driver inf file is installed suc

...

Broken_GP.PNG
Working_GP.PNG
ESutedy by L1 Bithead
  • 2925 Views
  • 2 replies
  • 0 Likes
  • 24016 Posts
  • 115 Subscriptions
Top Solution Authors
Top Liked Authors
Labels