General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

DHCP

We've used Palo alto as DHCP server for all our wireless infrastructure, we notice that after one hour the IP has to expire and be release, however it keep the expired session on the DHCP and we have to manually clear out this from cli. Once the pool is full no dhcp ip is released. Anyone does know the issue? Secondly can we automate the command...

Denis by L2 Linker
  • 4658 Views
  • 5 replies
  • 0 Likes

Block Facebook App

We are using a Palo Alto Firewall and have facebook blocked on the browser, but the mobile app still works on Android and iPhone. What is the catch all way to block the facebook app?

External Dynamic Lists requires "google-app-engine" ??

Greetings On PAN-OS 7.1.8 configuring EDL is giving some unexpected results - I have an application based security policie set for my PA management IP addresses to fetch the updates i.e. "paloalto-updates, widlfire, pan-db-cloud, ssl and web-browsing" with service set to application default. No profile actions set to block. After populating the...

Resolved! How to generate SNMP Trap from CLI/GUI?

Hello I'm on 7.1.7 PANOS and I need to generate traps for testing purposes. I didn't find in manual such CLI command. please advice me how to generate from CLI or if it's not possible how to make a workaround (ie. using trap on virus condition or so) With regardsSLawek

_slv_ by L4 Transporter
  • 10714 Views
  • 2 replies
  • 0 Likes

Resolved! Exfiltration detection?

Has anyone set up a PAN alert for egress bandwidth utilization? For example: If any internal host transfers more than (x) GB in (y) Minutes to the Internet - throw an alert.

Can not access to Web Admin GUI on Active Device Paloalto, can access to Standby device in HA System

Hi All, I have met a problem with access to my Active Pan Device by Web Admin GUI.I can access by SSH Console and I can access to Standby Device in HA System.My device: PAN 3020, OS Version 6.1.4. Have anyone meet the same problem, please share the solutions. Error logs---------------------2017-03-21 11:04:21.009 +0700 Error: pan_authd_user_is_l...

Problem wildfire submission logs missed sender/recipient address

Hi alli have this little issue: I have panorama with a pa 5050 cluster firewall 7.1.5 with wildfire licence. I have a rule to control smtp traffic with a wildfire profile.In the wildfire i have disable benign responce and in the configuration i have selected this: The problem is that i don't see anymore, after a malicous responce, the recipent/s...

Wildefire sub.JPG

Unused rules

I know it is possible to get unused rules since last reboot, but it is obvious the data is in Panorama. Is there no way to get a list of rules not used since a specified date? https://live.paloaltonetworks.com/t5/Learning-Articles/How-to-Identify-Unused-Policies-on-a-Palo-Alto-Networks-Device/ta-p/53202

SSaady by L0 Member
  • 4964 Views
  • 4 replies
  • 1 Likes

Resolved! Cannot ping connected adsl modem.

Hi all, i've connected a adsl modem to our 3020 to redirect some clients to, configured the interface as dhcp client, the port successfully gets an ip address from the modem but i can not ping the modem interface from firewall's cli. I might be missing a simple step but i'm fairly new with PA, any help appreciated, thank you

pa2.png
pa1.png
pa5.png
pa6.png
Oseberg by L1 Bithead
  • 9754 Views
  • 8 replies
  • 0 Likes

Resolved! Line Messenger APP

Hi All, Do we have an application for Line Messenger: https://line.me/en/ Cannot see it in Palo database. Thx,Myky

How to block TCP22 connections

Hi everybody I like to know if there is a way to block incoming connections attemps to port TCP 22. I have an end-customer which has lots of connections to his public ip range 0.0.0.0/24 to port TCP22 but not hit the vulnerability 40015 (SSH User Authentication Brute-force Attempt) because it neves triggers the child signature 31914 (SSH2 Login ...

SOC_CSG by L4 Transporter
  • 4320 Views
  • 4 replies
  • 0 Likes

what exactly is tcp-reuse and does it sends session closure traffic to the client and server?

heyhey we have some problem with old system that are beeign stuck after some tome it is working and on the logs we see the session end reason is "tcp-reuse" my questions are:1) what should be happaning on the network flow for this end-reason log to apear2) will the FW generate some traffic to the client and server to "close" their existing conne...

minow by L4 Transporter
  • 26176 Views
  • 1 replies
  • 0 Likes

Resolved! How to submit a CSR to Microsoft CA?

Hello folks! I have seen a few articles and documentation for generating CSR and submitting to Microsoft CA for subordinates. What about just a root stand alone enterprise Microsoft CA? I am preparing to configure a Global Protect portal, generated/exported my CSR, pasted into the Microsoft CA interface, but unclear of what option settings to s...

microsoftCA_1.jpg
OMatlock by L4 Transporter
  • 2492 Views
  • 1 replies
  • 0 Likes

Research paper shows vulnerabilities with SSL interception

On Feb 2017, some universities, Mozilla, Cloudflare, and Google released this paper on corporate and desktop HTTPS interception. First they figured out how to identify when someone connects to a web server through an SSL interception appliance. Then they found that most corporate "man-in-the-middle' appliances expose security vulnuerabilities. B...

Maxstr by L3 Networker
  • 4849 Views
  • 5 replies
  • 0 Likes
  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels