This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Panorama Certificate Expiration on June 16 2017

Dear valued Palo Alto Networks customers,

 

Palo Alto Networks firewalls communicate with Panorama managers and Panorama log collectors over a secure channel. For Panorama versions prior to PAN-OS 8.0, the signing CA certificate will expire on Friday

...

PAN-OS_screenshot.png

ikev2 VPN

Is it possbile to set up a VPN using ikev2 and if so is there a document of the steps to create it?

jdprovine by L4 Transporter
  • 2151 Views
  • 2 replies
  • 0 Likes

Issue with traffic over ipsec tunnel.

PA-3020 ,7.1.8. PA  has 3 tunnels with 3 sites.

 

Site1 - PA200 on other side tunnel traffic fine. ping from site1 to subnet behind Pa3020 works with 1472 mtu and fails after

that.

 

Site2- Tried to migrated from ssg140 to PA-3020,other side Cisco 871. Tr

...

Resolved! Palo Alto Mapping problem adding new groups

Hi,

 

we have a PA3050 and we are expecting a problem related to Group mapping. We have added two new groups in LDAP Group mapping profile. We can add these 2 groups using WebUIS "Included groups", we launch a refresh userid group-mapping but when we r

...

Resolved! Migration to Panorama for logging only

I have a quick question about moving an existing set of firewalls to Panorama.  We don't want to migrate the whole config, just want to get it setup so we can send the logs on the device to Panorama so we can utilize the benefits of log aggregation f

...

Resolved! Unused rules showing used

I just upgraded and rebooted my firewall. When I choose to highlight unused rules it is showing rules that I can not find any traffic for in the traffic monitor as used. I thought the reboot would reset everything but I have no idea why a rule that a

...

jdprovine by L4 Transporter
  • 3748 Views
  • 10 replies
  • 0 Likes

Automatic attack block

Occaisionally we get an attack from a single IP to one of our external servers where the attacker tries a whole bunch of known exploits. Is there anything like a "Zone Protection" for this type of attack? I'm looking for something where an external b

...

HIP without license

Is it possible to use HIP Profiles with just custom checks without a HIP license? (Sort of the way you can with URL filtering.)

MCmgt by L2 Linker
  • 1880 Views
  • 2 replies
  • 0 Likes

Resolved! How to keep overview on Security Policies

Hello,

 

I´m in a project of migrationg a Juniper SSG to a Palo Alto FW. While migrating the existing policies I find it where confusing to list all policies in one list. Juniper separted the policies by the source an destination security zone. Is ther

...

Setting Up the PA-200 for Home Setup question?

Hey folks,

 

Newbie here.    I had this going successful before, but after a factory default, not working for me for some reason. 

I've followed this helpful article before and worked on my first try, but not now for some reason.

https://live.paloaltone

...

PA13.jpg
PA7.jpg
PA1.jpg
PA2.jpg
OMatlock by L4 Transporter
  • 1935 Views
  • 4 replies
  • 1 Likes

VM-100 Virtual Wire doesn't show any sessions

 Hi guys, I'm new to PA so I hope this is not a stupid question.

 

I configured my VM-100 with two interfaces (plus manegment), the two interface were setup as Virtual Wire. I can capture traffic going through and everything works from a user perspecti

...

Hwinter by L2 Linker
  • 2524 Views
  • 5 replies
  • 0 Likes

Resolved! Two Default gateways with different priority

Hi Guys,

 

We have two isp links (ISP1 AND ISP2). We have defined to default gateways and set the ISP1 less priority so that all internal traffic will take ISP1.

 

for example

0.0.0.0/0 ethernet 1/1 next hop 76.45.146.22 admindistance 10 metric 1
0.0.0.0/0

...

irshad.n by L1 Bithead
  • 4381 Views
  • 4 replies
  • 0 Likes

IPv6 Point to Point prefix

Hi,

 

Trying to setup a IPv6 Point to Point link between the PAN and SRX.  Does PAN support IPv6 prefix like /127 for point to point connection?

 

(Yes I read RFC 3627 -> RFC 6164 -> RFC 6547 already)

 

Before any one starts about the IPv6 address space is

...

  • 24281 Posts
  • 99 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks