General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 436 Views
  • 0 replies
  • 0 Likes

Resolved! Migrate Config between PA-500 and PA-2050

Hello,

 

we own a PA-500 Firewall but are some Versions behind in the OS. Now we want to update it but got an downtime estmiate from our local Palo-Alto vendor from 8 hours. (From Version 5 to  Since we have some 24/7 Callcenters in house that's not a

...

lenmar by L1 Bithead
  • 4180 Views
  • 7 replies
  • 0 Likes

Resolved! OCSP is incorrectly spelled OSCP in the documentation

C'mon guys, really?

 

https://www.paloaltonetworks.com/documentation/80/globalprotect/globalprotect-admin-guide/authentication/deploy-shared-client-certificates-for-authentication

 

https://www.paloaltonetworks.com/documentation/80/globalprotect/globalpr

...

DFrauzel by L0 Member
  • 3650 Views
  • 6 replies
  • 0 Likes

Qos profile

 

Hi ,

 

In the above  which class will get high priority ?

 

Thanks

traffice.JPG
sib2017 by L4 Transporter
  • 8008 Views
  • 13 replies
  • 0 Likes

Considering Buying Palo Alto 800 Series

Hi All,

 

I would like to request assistance from anyone who has had experience with different firewall vendors and currently is a Palo Alto firewall user as I'm not a firewall expert whatsoever.

 

I'm considering buying a Palo Alto 850 Series firewall o

...

Techlove by L0 Member
  • 3089 Views
  • 2 replies
  • 0 Likes

GP upgrade beyond 2.2.x

Hi,

 

I'm running GlobalProtect 2.2.1 on PANOS 7.0.7. I'm preparing to upgrade to 2.3 (and beyond) to finally support some newer client devices. This caveat in the 2.3 release notes made me pause:

 

 

If your GlobalProtect 2.2 or earlier release configura...

gateway.png
blankprofile.png
portal.png
portalagent.png
MCmgt by L2 Linker
  • 3608 Views
  • 6 replies
  • 0 Likes

Is Decryption needed without URL filtering?

Hello.

 

We currenly have a Palo-5050 v7.18 doing firewalling and URL filtering.

We have SSL decryption enabled.

 

Because Palo does not support transparent authentication using Chromebooks and because we do not like the Palo URL reporting, we are looking

...

dannon by L3 Networker
  • 2455 Views
  • 2 replies
  • 0 Likes

Captive Portal & Identifying Guests?

Hello,

We have a guest network with a constant rotation of mobile phone users. Is there a way to collect some information about who these devices belong to, such as forcing the user to enter their e-mail or company name? Perhaps using the Captive port

...

Configure DNS Sinkhole with multiple IPs

Hello,

 

I found this instruction https://live.paloaltonetworks.com/t5/Configuration-Articles/How-to-Configure-DNS-Sinkhole/ta-p/58891 which is great but how do I create the Anti-spyware profile for multiple IPs?  I'm hoping I don't have to create one

...

rullyk by L0 Member
  • 2405 Views
  • 2 replies
  • 0 Likes

Resolved! Flow basic

Will a debug flow flow basic  show  me if Im actually raching destination server? What I mean is if I have a server that is used for BAS_Filer mounts will it show me that Im not mounting to destiantion server that does the actaul mount? I know the pa

...

app-id for amazon video on ipad?

I am using a PA200 with 7.1.7 and app version 652.  There is an app-id called amazon-instant-video.  After I watched Grand tour on amazon video on ipad and air play on the apple tv.   I want to see how many gigabytes did I just use,  I can't find usi

...

Resolved! See full list of "Config Logs"

Hey guys,

 

there is this "Config Logs" Widget on the dashboard of the Palo Alto 3020.

 

But there are only a few entries.

 

Is there a possibility to see more entries?

 

Thanks for a reply!

MPI-AE by L4 Transporter
  • 1923 Views
  • 1 replies
  • 0 Likes

Panorama licensing

I think that this is simple but I am just missing it. I am looking for what my license limitations for my Panorama are. I have looked on my support site and googled it but I seem to be unable to find it.

Essentially I have a number of devices currentl

...

tebert by L1 Bithead
  • 1794 Views
  • 1 replies
  • 0 Likes

Overlapping Subnets and NAT

Hello,

 

I have a new client we have a direct L3 link with. Our firewall has an existing directly connected interface on the 10.10.0.0/16 subnet. Our client also has a subnet of 10.10.0.0/16 which we need to get to.

 

During my initial testing I decided

...

Issues with ipsec traffic from PA3020 to Cisco 871.

I have a working tunnel between Netscreen and Cisco 871. I tried to move this from Netscreen to PA3020.

The tunnel comes up. PA3020-local network-192.168.2.0/24 and remote-192.168.235.0/24.

Traffic from 2.0(palo side) to 235.0(cisco side) network is fi

...

  • 24075 Posts
  • 116 Subscriptions
Top Liked Authors
Labels