This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Authentication server option

I have a new Palo Alto 820 and my Radius server is a Juniper running 9.1 .  At this time my Cisco and other device use a share key to Authenticate to the Juniper device.  On the Palo 820 Pan os 9.1.4 it want me to use the following Auth methods "PEAP

...

Resolved! SSL decryption issue for Windows Store

Hello,

 

After enabling SSL Decryption, we cannot download from Windows store. Getting error below.

Tried excluding hostname with Microsoft but no luck. How to fix this issue?

 

 

 

Thanks in advance.

Error-windows-store.jpg
exclude-store-list-decrypt.JPG
Farzana by L4 Transporter
  • 15622 Views
  • 14 replies
  • 0 Likes

PXE boot not working through FW

Hi all,

I have a FW with PanOS 9.1.7 that is causing PXE boot issues with TFTP protocol.

When traffic is not routed through the firewall it all works and I have seen several threads about this problem but no solution.

 

DHCP server: Windows Server 2012 R

...

PA equivalent of ASA packet tracer?

One of the more useful features in troubleshooting on the PIX/ASA (which we used until recently) is the packet tracer, which allows us to enter source/destination IP/port, etc and check to see if a given connection is allowed or blocked, and by which

...

Resolved! Azure HA not coming up

Do I need license to test Azure HA scenario. I am following all the steps but HA1 doesn't come up.

I don't have any licenses. And doing a test run of implementation as HA active/passive.

Default 10.0 gets installed with BYOL, but we don't have license

...

raji_toor by L4 Transporter
  • 2085 Views
  • 2 replies
  • 0 Likes

Resolved! Finally have pre-login working - but now

I'm excited to finally have pre-login working per the logs below. But after the successful certificate based pre-login, 

portal-getconfig fails. On the pan the error message is "Failed to get client configuration". Any advise on how to troubleshoot th

...

MichaelMedwid_0-1620266069104.png

SSL Decryption Issues - MacOS Big Sur 11.2.3

We have had SSL decryption configured since we deployed Palo Alto firewalls and it works with little issue on our Windows OS platforms. We have a new project to deploy a few MacOS clients as the application development team requires the ability to te

...

How long time will need to prepar the PCNSA

Hi everyone


 I would like to prepare the certification  PCNSA.

My idea is to pay the tax exam as soon as posible will make force me to study the exam. I would like to know how many hours and time will need for I am going to the exam.

 

Regards

 

 

Athan123 by L0 Member
  • 3303 Views
  • 2 replies
  • 0 Likes

Resolved! 2 ISP NAT question

Hello,

 

we have 2 ISPs . .

Static route with metric 10 for the 1st one and another static route with metric 20 for the second one .

We have 2 nat rules for LAN. 1st one is via ISP1  and 2nd is via ISP2.

So when we change the default route we need to reor

...

stef by L2 Linker
  • 1763 Views
  • 1 replies
  • 0 Likes

PA Destination NAT

I have a use-case that all subnets/VLANs should be able to access the server (192.168.4.4) via HTTP using the loopback IP address 192.168.6.2/32.

 

The PA firewall is the gateway for all the VLANs. I would like to confirm if this is possible? The sourc

...

Nikko by L1 Bithead
  • 2004 Views
  • 2 replies
  • 0 Likes

Resolved! Aplicação incompleta

Galera, boa tarde.

 

Estou com um problema bastante confuso, tento acessar um determinado site "HTTP" é recebo a erro (Não é possível acessar esse site), realizamos um teste fora da nossa rede é o acesso é realizado normalmente.

 

Analisando os LOGS veri

...

Lucaaslr_0-1620676620608.png
Lucaaslr by L0 Member
  • 1791 Views
  • 1 replies
  • 0 Likes
  • 24232 Posts
  • 99 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks