General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 240 Views
  • 0 replies
  • 0 Likes

Number of session

Hi,

Palo alto suddenly stops client going internet .

resolving dns stops  ( dns forwarder  just giving timeout instead of  the dns query result ) .

Does it mean maximum  number of session has saturated? 

How can we know maximum number of session reached

...

sib2017 by L4 Transporter
  • 2395 Views
  • 5 replies
  • 0 Likes

Wildfire SMTP - Malicious objects not blocked

Hi,

 

We recently had our FW setup by an external security company.

 

Yesterday we had a malicious email attack which got past our email scanning service. Although Wildfire identified the attachments as malicious, they were sent on to the recipients (aro

...

Capture3.PNG
Kuiper by L1 Bithead
  • 3244 Views
  • 5 replies
  • 0 Likes

Resolved! Security Policy for IPSec traffic

Hello,

 

We are setting up Site-to-Site IPSec VPN between PA and Cisco router. The examples provided on PA websites do not suggest any security policy for this. When we use a security policy for 'Outside-Untrust' to 'Outside-Untrust' to allow traffic b

...

Farzana by L4 Transporter
  • 2157 Views
  • 1 replies
  • 0 Likes

scan-host sweep

Hi,

Under threat detection, scan host sweep  droped some traffic. And under the rules it did not show anything .

What does it mean

Thanks

sib2017 by L4 Transporter
  • 8714 Views
  • 7 replies
  • 0 Likes

Telegram website is not accessible

Hi,

 

I've one client that cannot access https://telegram.org but he can access all other https website.

 

We tried to use a security rule with one source address and any any allow but still the same.

 

In the traffic monitor we can observe the session end

...

PA telegramTraffic log.png
PA telegramTraffic log2.png

Resolved! spoof

Hi,

How palo alto blocks if ip address is spoofed .
Why does it not work in vwire mode
Thanks

sib2017 by L4 Transporter
  • 3158 Views
  • 1 replies
  • 0 Likes

Link Aggregation Query

We have PA 500 which links to 100 Mbps throughput as mentioned by datasheet.

If we do link aggregation would it be possible for us to increase that ?

 

Thanks in advance.

Resolved! Site to Site VPN with error Failed SA

Hi,

 

We have configured a site to site vpn between palo alto and cisco ASA. However, both sites are static and PA is the intiator, ACL is configured properly on Cisco side but I got the error:

 

"IKE Phase-2 negotiation is failed as initiator, quick mod

...

"Client cert is invalid to the gateway" error

Hi,

 

I am trying to setup machine cert authentication, but it appears I am missing something. Local user auth works fine without certificates. Gateway and Portal are on a single 3020 with 7.1. 

 

I created a local-CA and generated a cert for all windows

...

BBartik by L2 Linker
  • 3228 Views
  • 2 replies
  • 0 Likes

NAT Between VR's

Hello.

Despite my best efforts I am unable to get this concept working.

 

We have 1 x Palo Alto 3020.

It has 2 Virtual routers configured.  Both use 192.168.*.* networks.

 

I'd like to access a machine in the neighbour VR, from the opposite VR.  As the net

...

PCortes by L0 Member
  • 2108 Views
  • 1 replies
  • 0 Likes
  • 23624 Posts
  • 107 Subscriptions
Labels