This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Discussions

Start a conversation

Zone protection isnt blocking scan

Hi

We have created a zone protection profile for zones UNTRUST/DMZ/TRUST to prevent scan  but we have realised that this zone protection profile isnt working.

Why isnt blocking this scan??? we have the default values in the zone protection profiles....

...

PA service account causing huge root DNS traffic?

Basically, the traffic monitor is showing DNS traffic going from my DNS server in the trusted zone to the external root DNS (our ISP) in the untrusted zone, and user is the PA's own domain account.

All of it's coming from a domain controller that also

...

Maxstr by L3 Networker
  • 4556 Views
  • 7 replies
  • 1 Likes

Resolved! Rate limiting egress on perimeter install

I have a client where I would like to rate limit egress traffic from an internal source IP. This source IP tends to be a major bandwidth hog. I currently have no QOS profiles setup but I do see the option to limit egress I believe.

Are QOS profiles th

...

SDorsey by L4 Transporter
  • 1669 Views
  • 1 replies
  • 0 Likes

Cannot set new certificate to portal

Hello all,

Because of a domain name change, I created a new CA certificate on the PA500 which is our portal. I set this certificate as server certificate in the Portal settings. I committed, restarted the web-server and sslvpn processes.

But the new po

...

bsanders by L2 Linker
  • 2601 Views
  • 4 replies
  • 0 Likes

Resolved! Deny internet access by OS

hi there,

is there a possibility to create a rule to deny internet acces by specific os?

i want to disconnect a large set windows xp clients from the internet, but allow access fo win7 clients.

thank you

sascha

skemena by L1 Bithead
  • 2393 Views
  • 2 replies
  • 0 Likes

Issue in the syslog message format in Palo Alto 6 beta 1

Hello,

I am currently on Palo Alto v 6.0.0-b23 and facing an issue with the format of syslog message.

if we pass the same malicious file through Palo Alto device, syslog message forwarded by Palo Alto v5.0.6 and v6.0 beta are different. Palo Alto 5.0.6

...

NHorsch by L1 Bithead
  • 1563 Views
  • 1 replies
  • 0 Likes

PA Ipsec Tunnel

Hi there,

We have a particular setup with our remote sites that I am currently having an issue with.

On sites we use pfsense firewalls that have Ipsec tunnels setup to connect back to the PA system here at our main offices. This has all been fine up un

...

JRussell by L3 Networker
  • 1353 Views
  • 0 replies
  • 0 Likes

Securing IPSec VPN tunnel

Recently we are planning to roll out potentially hundreds of IPSEC VPN tunnels at our customer locations to access our own remote devices securely over the Internet. However, we don't have good control of physical access to these remote VPN devices m

...

Resolved! Blocking images with EXIF data

I have a customer that wants to block outbound images that have EXIF data (gps coordinates).  Can this be accomplished with a customer app-id doing a pattern match perhaps?

Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks