General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

LSVPN Tunnel Recovery

I've set up my first LSVPN deployment and everything has gone without a hitch. The only issue I ran into, we were doing an upgrade of PAN-OS on the gateway and satellites. Satellites all went fine, but my gateway bombed out (first time its happened to me). We were in an HA pair, but I had duplicate IPs on the network once the passive box rebo...

dan731028 by L3 Networker
  • 3177 Views
  • 1 replies
  • 0 Likes

PA VM OSPF to NSX ESG

Hi, been trying to establish an OSPF adjacency between a PA VM and and NSX External Service Gateway router. I cannot seem to get it established. Looking at everything, my assumption is that mulitcast traffic isn't being allowed or being blocked somewhere. Anyone have troubel or experience they wouldn't mind sharing to get adjacencies up?

Resolved! Content Versions 706 & 707 - some explanation needed

Hello On my PA200 PANOS 7.1.9 I installed 707 manually (because as usually automatic instalation failed), next when I sow emergancy update I did manually update again to 708. On my BOX 708 update is installed (according to GUI) Do I have to reboot the device according to https://live.paloaltonetworks.com/t5/Customer-Resources/Guide-for-Resolving...

_slv_ by L4 Transporter
  • 3365 Views
  • 2 replies
  • 0 Likes

Panorama commit succeeds with warning after firewall config import

Hello Community,Recently I did my first configuration import a firewall into Panorama. Everything works as expected, but when I do a device group commit, I get the following message in panorama: DetailsConfiguration committed successfullyWarningsvsys1(Module: device) When I take a look at the firewall, it says the commit was successful. In ma...

dan731028 by L3 Networker
  • 8646 Views
  • 9 replies
  • 0 Likes

PA3020 - receive errors and output errors.

Hey! I don't know if that's a real problem: I have a PA-3020 and its internal interfaces are connected to a Cisco 3850 Switch (copper, 1000 Base T) When I do a "show interface ethernet1/5" on the firewall, the receive errors are permanently increasing. On the cisco switchport, there are a lot of output errors. The cables are new. Is anyone in th...

MPI-AE by L4 Transporter
  • 7736 Views
  • 8 replies
  • 0 Likes

Installation path gibberish

Hi, a client tried to install GlobalProtect v4.0.0 on Windows 10 x64 creators update and we get the issue below.The PC is in Israel, Windows installation is in English.Regional settings has Hebrew as Non-Unicode.We get wacky text as the destination folder.Any ideas?Thanks.GP v4.0.0 install folder strangeness

GlobalProtect install path folder error.png

Resolved! Static Route to directly connected Subnet

Hi All, I am working with a project, where the firewall (PA-3020) is connected to a DMZ via its sub-interface. I have two physical Copper interfaces in an aggregated group AE2 with LACP enabled, and then multiple sub-interfaces under that The DMZ sub-interface (ae2.4010) has a subnet of 192.168.66.0/24; however, I am unable to reach the backend ...

URL Filtering issues with 8.0

I'm using a PA-220 with 8.0.2. I have a profile defined which blocks several categories (malware, things not kid friendly, etc) including web-advertisements (the number one thing that gets blocked). It keeps blocking access to youtube videos. In the URL Filtering log entry, it shows these URLs in the "streaming-media" category, which is an al...

HA Active Active Asynchronous Routing Issue

Have two PA vm 1000hv setup in active active HA. They see each other on HA 1,2, and 3 link and synching configs (not vr configs). We have an asynchronous routing scenario that is temporary for now, but need it to work. However, the FWs appear to be dropping traffic. I haven't looked at the counters to indicate dropped asynchronous traffic yet, b...

Resolved! HA comments before configuration?

Hi folks, Configuring my first HA tomorrow around 1:30pm cst.I am enabling HA on a production 3020 as active, then adding a secondary 3020 as passive (same OS, updates, etc. according to HA documentation).Expecting a network interuption because of the MAC Address change, so we have a maintenance window of 1 hour.We are small company, the PA 3020...

OMatlock by L4 Transporter
  • 5126 Views
  • 5 replies
  • 0 Likes

Resolved! Parse rsyslog message

I want to integrate WLC to Palo-AltoI've done converting the snmp to syslog using rsyslogBut I don't get how to parse it in palo alto here 3 syslog messages I got from wireshark when a user tries to loginJun 10 14:08:37 localhost snmptrapd[10216]: 2017-06-10 14:08:37 <UNKNOWN> [UDP: [172.20.253.50]:32768->[172.20.10.43]:162]:#012DISMAN-...

mzharfan by L0 Member
  • 3817 Views
  • 3 replies
  • 0 Likes

Resolved! Help me troubleshooting my globalprotect setting

Hi All,My pan-os is 7.1.1.I want to setup sslvpn for my co-works. Here is my globalprotect setting screenshot http://pan.baidu.com/s/1ccW1h8#list/path=%2FpaloateCould you take a look and tell me where I wrongly configured?Once my globalprotect client try to connect, I get the following error (T5200) 06/10/17 21:09:38:717 Error(3650): NetworkDisc...

Resolved! Why does traffic log show Application for a rule that uses a Service?

Hello folks, I am doing some testing (studying) on using Applications vs Services and have a question about the traffic log. Why does the traffic log identify the traffic and rule to an Application when the rules are setup as Service? My rules are setup as Service. Traffic log identifies them as Applications. Is it because Applications are set t...

fwapps.jpg
fwapps3.jpg
OMatlock by L4 Transporter
  • 5709 Views
  • 8 replies
  • 0 Likes
  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels