This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

General Topics

Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 646 Views
  • 0 replies
  • 0 Likes

Resolved! How VPN test commands work

What happens behind the scenes when you run..

 

test vpn ike-sa gateway <name>

 

or

 

test vpn ipsec-sa tunnel <name>

 

Is there a debug which will show you the test packets sent/received?

 

palomed by L3 Networker
  • 5812 Views
  • 2 replies
  • 0 Likes

Vpn site to site encryption

Hi All,

 

i have two different firewalls and need to establish site to site vpn

 

IKE Phase 1 : Encryptin will be AES-256 CBC and the other peer have only AES-256 without CBC

 

is it gonna work ?  or it will fail

Panorama Cert Expiring

I've been finding it more difficult to take time away from daily work tasks to review the happenings on the community.  That said I just reviewed the release notes for 7.1.9 and saw the impending cert expiration.

 

While the "sticky" thread is a good i

...

User-id with RDP users

hi,

 

am having an issue with user-id for users login to servers over RDP, what happens is when user1 login to serverA over RDP and then user2 login to serverA user2 will get the policy of user1.

 

on PAN when i run the command ( show user-id-mapping ip

...

Resolved! Simple two PC ping test setup with PA200?

Hi folks,

 

I want to setup a simple two PCs connected to PA200 so that I may practice a ping test and packet capture.

PC#1 - IP address 192.168.1.2 - connected to interface 1/1

PC#2 - IP address 192.168.2.2 - connected to interface 1/3.

 

I can not get my

...

ping3.jpg
ping2.jpg
OMatlock by L4 Transporter
  • 5049 Views
  • 8 replies
  • 0 Likes

Resolved! Settings inheritance thru Template-Stack ?

If I have two devices in the same Template-Stack, will member template enforce same setting on both devices including i.e. same L3 addresses ? This is what I want to avoid

niuk by L3 Networker
  • 5102 Views
  • 3 replies
  • 0 Likes

How to IPSec over GRE with dynamic routing

I saw a document on how to configure VTI tunnel with OSPF. But that is for PAN-OS 4.1. Does anybody know if PAN-OS 7.1 supports GRE tunnel? I need to configure IPSec over GRE on the Palo Alto to talk to a Cisco router. Thanks

jac101 by L2 Linker
  • 3942 Views
  • 2 replies
  • 0 Likes

Resolved! Viewing offloaded sessions in CLI

System is a PA-3050 running SW version 7.1.7

 

Does the CLI still show the "Offload: yes" output in 'show session id <session-id-#>' for this version of software?

 

I recall seeing this flag for certain sessions in prior versions. Lately I have been trou

...

Resolved! Monitor tab empty

PANOS 8.0.0

Definitely forwarding and policies working.

But monitor tab simply empty.. restart did nothing.

?

mpgioia by L3 Networker
  • 7331 Views
  • 14 replies
  • 0 Likes

help with NAT

hello im wondering if anyone can help a PAFW newbie with configuring some nat that i am trying to pass through.  i dont know how my security & nat rules should look but this is what i have configured:

 

security rule: source zone (untrust) source addre

...

bwfreas by L1 Bithead
  • 2384 Views
  • 3 replies
  • 0 Likes

Resolved! IPsec tunnel questions?

Hi folks,

 

We have several IPsec VPN tunnels for various remote firewalls connections.  One of them is changing their firewall hardware to something else next week.  Sonic firewall, I believe.

 

I've been told that they are configuring the new replaceme

...

OMatlock by L4 Transporter
  • 3135 Views
  • 5 replies
  • 0 Likes

Resolved! moving away from a disconnected panorama

Hi All,

we recently got disconnected from the parent company and I ended up with all the network access and policies that I can't edit, and i'm afraid to touch the disconnect from panorma without asking first...

 

If I disconnected, will the policies be

...

JasonY by L1 Bithead
  • 4576 Views
  • 6 replies
  • 0 Likes
  • 23945 Posts
  • 113 Subscriptions
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2025 - Palo Alto Networks