General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Telegram website is not accessible

Hi,

 

I've one client that cannot access https://telegram.org but he can access all other https website.

 

We tried to use a security rule with one source address and any any allow but still the same.

 

In the traffic monitor we can observe the session end

...

PA telegramTraffic log.png
PA telegramTraffic log2.png

Resolved! spoof

Hi,

How palo alto blocks if ip address is spoofed .
Why does it not work in vwire mode
Thanks

sib2017 by L4 Transporter
  • 3065 Views
  • 1 replies
  • 0 Likes

Link Aggregation Query

We have PA 500 which links to 100 Mbps throughput as mentioned by datasheet.

If we do link aggregation would it be possible for us to increase that ?

 

Thanks in advance.

Resolved! Site to Site VPN with error Failed SA

Hi,

 

We have configured a site to site vpn between palo alto and cisco ASA. However, both sites are static and PA is the intiator, ACL is configured properly on Cisco side but I got the error:

 

"IKE Phase-2 negotiation is failed as initiator, quick mod

...

"Client cert is invalid to the gateway" error

Hi,

 

I am trying to setup machine cert authentication, but it appears I am missing something. Local user auth works fine without certificates. Gateway and Portal are on a single 3020 with 7.1. 

 

I created a local-CA and generated a cert for all windows

...

BBartik by L2 Linker
  • 3127 Views
  • 2 replies
  • 0 Likes

NAT Between VR's

Hello.

Despite my best efforts I am unable to get this concept working.

 

We have 1 x Palo Alto 3020.

It has 2 Virtual routers configured.  Both use 192.168.*.* networks.

 

I'd like to access a machine in the neighbour VR, from the opposite VR.  As the net

...

PCortes by L0 Member
  • 2049 Views
  • 1 replies
  • 0 Likes

Palo Alto and Polycom Relpresence Issue

Hi All,

 

Having issue using Polycom mobile.

 

On our side: No video and audio

On Dialed no: Video and Audio is working

 

we translate trust network to a specific public address and allow

 

Policy:

trust network -> untrust to any destination and service.

Untrus

...

Hostname in user id and terminal server agents issue

We are using dns name for user id and terminal server agents in firewall configurtaion like below

 

However intermittelnly we are seeing red light on firewall and while checking directly on terminal server agent software, the firewall connection is van

...

fqdn.png

globalprotect fails to connect on windows 10

GlobalProtect doesn't connect on my new windows 10 laptop (64 bit). I tried reinstall/reboot several times, but it didn't help.

 

The PanGP Service log shows :

 

 

21:49:49:463 Debug(1241): Session 1, domain name XXXXX.
(T4740) 05/12/16 21:49:49:463 Info (

...

ravindra by L0 Member
  • 6187 Views
  • 6 replies
  • 0 Likes

Upgrade to latest 7.0.x or 7.1.x?

Hi,

 

we are planning to upgrade our 3020 A/P Cluster to latest PANOS (7.0.x or 7.1.x). Currently we are runing 6.1.13.

 

We want to do more SSL Decryption (Inbound & Forward Proxy). What are you thinking is the best and stable release for 3020 A/P Clust

...

iweltag by L2 Linker
  • 3778 Views
  • 7 replies
  • 0 Likes
  • 23716 Posts
  • 104 Subscriptions
Top Solution Authors
Top Liked Authors
Labels