General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Pros and Cons of v-wire

I'm setting up a PAN firewall between our company and our business partners who have direct connections to our LAN.  My idea was to use v-wire but some of our other network administrators say it would be too difficult to troubleshoot.  What are the p

...

svanarts by L1 Bithead
  • 2993 Views
  • 2 replies
  • 0 Likes

Commit failing

Running a VM-300 on PANOS-7.0.3

 

When attempt to make a commit (either through GUI or CLI), it hangs at 98%, and then fails.  The commit failure outputs the following:

 

Client sslvpn requesting last config in middle of commit/validate.  
Aborting curren...

mmclimans by L3 Networker
  • 5170 Views
  • 1 replies
  • 0 Likes

QOS with multiple active pbf ISP

Hi,

 

We currently have pbf setup to support two active ISP.

The setup on panos 8;

 

Zone LAN Virtual router 1( aggregated link constisting of two ethernet interfaces)

Zone ISP1 200/200 mbit Virtual router 1( ethernet interface 2)

Zone ISP2 200/40 mbit Virt

...

API timeouts/Web UI unresponsive

 

Hello,

 

Managment plane stops responding when sending a number of User-ID XML API calls to FW (tried using PAN-OS 7.1.5 and 8.0).

Any API calls during this time either time-out or return 502/504 HTTP responses.

After close to exactly 5 minutes later fr

...

Farzana by L4 Transporter
  • 2055 Views
  • 2 replies
  • 0 Likes

Resolved! GlobalProtect Certificate Prompt

My users using GlobalProtect on Windows are experiencing a very strange problem when they connect with GlobalProtect.   I am stuck on this one, any tips, pointers, or possible solutions are much appreciated.  

 

Usage:

  • Our GlobalProtect clients conne
...

certerror.png
mmclimans by L3 Networker
  • 3638 Views
  • 1 replies
  • 0 Likes

BGP establish state flapping.

I have couple of bgp established on the firewall. Confiugured new one to AWS ,tunnel comes up but Bgp is flapping.

System logs.

BGP peer session enters established starte,peer ip:169.254.32.1

BGP peer session left established state,peer ip: 169.254.32.1

...

Select route with shorther prefix length

I have a static route for 172.16.0.0/12 but my PA is also learning through OSPF a route for 172.16.0.0/24.

 

As these routes have different prefix length both are installed in the routing table and the dynamic route for 172.16.0.0/24 learnt through OSF

...

COM-UCO by L1 Bithead
  • 3234 Views
  • 3 replies
  • 0 Likes

Configure a static 1-to-1 destination NAT policy

Hello Live Community, 

 

I am a new comer to the firewall game and I am wondering how would I go about setting up static 1-to-1 destination NAT policy on my PA-500 Firewall. I just recently set up the firewall using the documentation below and everythi

...

lzabler by L1 Bithead
  • 2786 Views
  • 3 replies
  • 0 Likes

Resolved! PANs as internal routers?

We are planning to make our Palo Alto (pair) into the main internal router for a decent sized enterprise data center and about 300 users. A pair of Arista routers will be our external WAN/BGP routers.

 

Is using the PAN as a router considered a best pr

...

dlazzaro by L1 Bithead
  • 4495 Views
  • 5 replies
  • 1 Likes
  • 24034 Posts
  • 102 Subscriptions
Top Liked Authors
Labels