This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

GlobalProtect Windows client - command line interface?

We're using the GlobalProtect Windows client application to connect to a customer’s VPN.

 

We’d like to automate this process, as right now our  only way to connect is to click on the tray icon ‘Connect’ option.

 

Is it posible to automate (e.g. via comm

...

Resolved! VPN IPSec gcm or cbc cypher types

When configuring VPN to a 3rd party vendor and you are given the required settings for IPsec profile as sha1 or sha256 only, however on the Palo Alto firewall we have the option to use cbc or gcm, e.g. aes-256-cbc and aes-256-gcm.

In the past I used t

...

BatD by L4 Transporter
  • 11232 Views
  • 6 replies
  • 0 Likes

DNS proxy rule

I have a DMZ zone for guest wireless users on Palo Alto. They use our internal server 192.168.10.10 for DNS. I am trying to configure the firewall to force them use 8.8.8.8 for a specific domain eg:*.amazon.com
Please let me know if configuring a DNS

...

Resolved! Packet Capture Filters via CLI using debug commands

I am trying to capture traffic between a specific source on the internal network to any destination on any zone.  I totally understand how to enable captures and turn it on & off but my capture seems to be colleting data but not anything that I can r

...

Resolved! Global Protect User cant login to the portal

User can login to GlobalProtect Portal normally. However, clicking a link to download the GlobalProtect client fails with the following error: "Could not find file".

 

Note: Global Protect agent has already installed and activated on peers

Problem with Panorama commit

Hello there!


I have a problem when I try to push the commit to Panorama. This commit is added to the queue, but then nothing else happens. The odd thing is that nothing is queued in the firewall queue...


Thanks in advance.

VPN-NAT question

I have 10.240.0.0/12 in the Proxy ID and would like to NAT all my 192.168.x.x addresses behind  10.248.250.10 out of that 10.240/12.
my plan is to create the NAT rule and assign that 10.248.250.10 to the VPN tunnel Interface. will this create a route

...

Troubleshooting User-ID from syslog listener

I've configured my 5050's to be Syslog Listeners for a couple sources so that I can parse User-ID information out of them.  I did so following this document here. I can see via the command

 

show user server-monitor state XXX

 

that I am receiving log me

...

  • 24208 Posts
  • 99 Subscriptions
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks