General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 277 Views
  • 0 replies
  • 2 Likes

Resolved! Processor Descriptions

I know I've seen an article/documentation on this somewhere, but I am struggling to find it.

 

When running a show system environmentals, and more specifically the "Thermal" area for the processors, does anyone know what functions are being handled by

...

change webcertificate

Hi,

 

Testing with Rome release I notice we need to have trusted CA on the Minemeld webserver. You can't use the Minemeld default certificate to import on the PA firewall.

So I had to manually change certificate in the NGINX. 

Maybe this could be inc

...

Policy Rules order

Hi there,

 

if we are going to the tab "Policy" we will see 7 different sub tabs. The tabs are:

 

Security

NAT

QoS

PBF

App Override

Captive Portal

DoS Protection

 

So I know for example that Security rules are always checked before NAT rules but whats about the

...

Rboehme by L2 Linker
  • 2730 Views
  • 3 replies
  • 0 Likes

Resolved! SMTP Inbound Decryption

We have decyption turned on for inbound smtp trafffic. It is only decrpyting a portion of the encypted traffic.  I have an open ticket with support but still working through it but I wanted to check to see if anyone else is experiencing issues. I do

...

Capture_decrypt.PNG
clewis1 by L3 Networker
  • 3071 Views
  • 2 replies
  • 0 Likes

Palo alto networks Problem Session out

Hello ,

 

I have a problem with my firewall PA-200. When I try to open the GUI , I found an error message with a session out . You can find in the attachement this error message .

 

I read that may be this problem can be related to the disk space. I do a

...

Session Out.JPG
disk-space.JPG
Mariaa by L1 Bithead
  • 2168 Views
  • 4 replies
  • 0 Likes

Resolved! ARP table cache "incomplete"

Hello All,

 

Need some clarification on ARP table. For some reason, once we swapped the devices from 2020>3020  our ARP table is seen as incomplete but services are working fine withing on that particular external subnet (before they did but we use gra

...

ARP entries_hidden.PNG

Concurrent users cannot connect

Hello,

 

GlobalProtect GW with x-auth is enabled for IPsec VPN client services. However, only one concurrent session per user is allowed and any subsequent sessions disconnects the previous session user. Same issue happens whether the user is a local a

...

Farzana by L4 Transporter
  • 5614 Views
  • 13 replies
  • 0 Likes

Issues with enumerating UPN

Does anyone have any experience with configuring VPN to use the UPN instead of sAMAccountName? I'm trying to get a configuration working using a Radius Multifactor system that requires the UPN, and while I can get that part to work, I can't figure ou

...

Resolved! Testing Performance

I would like to get to know which specifc traffic is being checked by specific features of Palo-alto NGFW. To be more precise after enabling all the features on the device which traffic is being checked by URL filtering , IPS Anti- Spyware and other

...

luk by L0 Member
  • 2764 Views
  • 4 replies
  • 0 Likes

identify interfaces where mtu is being exceeded

Hi, wondering if someone might know how to see counters for flow_fwd_mtu_exceeded for a specific interface. Our firewall's global counter is increasing using this command:

 

show counter global filter packet-filter yes delta yes

 

but I'd like to know wh

...

Resolved! M-100 default log collector

Hello,

 

in the followind doc, Firgure: Single Default Log Collector per Collector Group.

Looks like we can assign Firewalls to send logs to the Primary Panorama, Also it looks like we can assign firewalls to send logs to only the Secondary Panorama.

htt

...

Kaliman by L2 Linker
  • 2957 Views
  • 3 replies
  • 0 Likes

Resolved! Block YouTube--Allow Google.com

We have 1 user who is abusing Youtube. I need to block this person from YouTube but still allow this person access to google.com

I tried a URL filtering policy but it also blocked access to google.com.

Is there a document or a video of how to perform t

...

  • 23639 Posts
  • 107 Subscriptions
Top Liked Authors
Labels