General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! Dedicated log collector licensing

How are dedicated M series log collectors licensed. We are planning a deployment with two M-100 appliances in an HA configuration. If we add a third M-100 as a dedicated log collector, do we need a third license for Panorama? 

Lepton by L1 Bithead
  • 3178 Views
  • 1 replies
  • 0 Likes

Resolved! User-ID redistribution SSL error

Hello,

 

I am trying to configure to 2 PA to share their user-id data.

I used the following guide: https://www.paloaltonetworks.com/documentation/60/pan-os/pan-os/user-id/configure-a-firewall-to-share-user-mapping-data-with-other-firewalls.html#61291

...

Marck.To by L1 Bithead
  • 2675 Views
  • 2 replies
  • 0 Likes

User Activity Reports on Panorama

 

When we generate a UAR (Using Monitor/PDF Reports/User Activity Report) on Panorama for a particular managed firewall, we do not get any broswing summary sections in the report. If the same report is run on the firewall itself, we do get that infor

...

Nig by L1 Bithead
  • 1339 Views
  • 2 replies
  • 0 Likes

ISP failover in PanOS 7.0.4

Hi, 

 

We are moving from Juniper ScreenOS SSG firewalls to PanOS 7.0.4, 3020 clustered firewalls. 

 

On our Junipers we make use of a feature called track-ip for Interface failover between ISP's...This basically works by pinging a far device on the

...

Resolved! Dynamic Block List Question.

 

Hello Community,

 

Blacklist (such as IP Void or SpamHaus) with a suggestion that we should block that IP.  

I'm hoping there's a way that we can leverage such a blacklist - for example, to have a rule in the FW that references an existing Blacklis

...

Apadilla by L3 Networker
  • 4471 Views
  • 8 replies
  • 0 Likes

Resolved! Agentless USER-ID - no matched record

Good Day

 

I have a PAN-5050 configure for agentless USER-ID to a W2K8 AD. We were getting user ids/ips in the logs but now we're not. The server-monitor is connect and now errors or failures to connect. When I do the cli commands (show user userids,

...

burtond by L2 Linker
  • 2240 Views
  • 4 replies
  • 0 Likes

Resolved! Botnet report full of cloud.typography.com entries

My weekly botnet report is full of entries like: 

"Repeatedly visited (32) the same malicious URL cloud.typography.com/"

 

I've checked this URL in the database and using the CLI, and it shows as computer-and-internet-info

Several tools I've used to

...

holtcg by L1 Bithead
  • 2353 Views
  • 2 replies
  • 0 Likes

Resolved! Deny & Allow

I have a rule that allows the administrators remote desktop access to our physical domain controller. While reviewing the traffic logs I can see that the PA is show allows and denies for the exact same traffic from my PC to the domain controller usin

...

jdprovine by L4 Transporter
  • 1303 Views
  • 2 replies
  • 0 Likes

Resolved! Renew digicert certificate

Hi,

The certificate we use for GlobalProtect needs to be renewed and I have just paid the renewal and received the file from digicert.. 

 

In my PA500's Device Certificates the expired certificate has two lines:  The second line's certificate name ha

...

Palo Alto daily admin tasks

Hi,

 

I am a somewhat newbie to PaloAlto firewall. I was wondering if someone could give some good guidance into what "Daily" tasks look for a PaloAlto Admin? What should they be monitoring on daily basis? Is there a nice checklist of things that sho

...

Chintan by L0 Member
  • 2351 Views
  • 2 replies
  • 2 Likes

System stats

Is there a way to run a report to see if CPU is getting spiked over a 24 hour period of time

jdprovine by L4 Transporter
  • 1164 Views
  • 1 replies
  • 0 Likes

Resolved! VWIRE Physical Connecivity to Current Virtual Firewall

Hi,

 

I am trying to get my head around VWIRE and how it supposed to work.

 

We have the following scenario

 

SWITCH -> VIRTUAL FIREWALL (ON SHARED HOST) -> INTERNET

 

We are now looking to do

 

SWITCH -> PALO ALTO -> VIRTUAL FIREWALL (ON SHARED HOST

...

indysogi by L2 Linker
  • 1694 Views
  • 2 replies
  • 0 Likes

IPSEC phase 2 rekey

We are having problems with a site to site IPSEC VPN between a PA-500 and a Cisco ASA. The PA is always the initiator and the tunnel comes up and passes traffic just fine. The problem comes when the tunnel needs to rekey, basically it seems that the

...

Sigma by L0 Member
  • 6855 Views
  • 5 replies
  • 0 Likes