General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

JayGolf_0-1691518400714.jpeg
JayGolf by Community Team Member
  • 965 Views
  • 1 replies
  • 9 Likes

ACC Behaviour

Hello everyone!

 

I've got a question about the behaviour of the new ACC in 7.0 and above.

 

I can apply a global filter for the action of deny.

 

When I do this, the graphs show no data, even if I click refresh.

 

If I click 'jump to logs' with the

...

bmorris1 by L4 Transporter
  • 1617 Views
  • 4 replies
  • 0 Likes

show counter global filter category flow aspect dos

 

Hi,

 

 

Below is  output of  'show counter global filter category flow aspect dos' 

 

What does it mean by value and rate . Does it mean '143291' packets dropped ?     

 

namevaluerateseveritycategoryaspect      flow_dos_red_tcp11432910dropflowdosf...

sib2017 by L4 Transporter
  • 3864 Views
  • 11 replies
  • 0 Likes

PA blocks outbound port 10443, doesn't show up in logs

I have and external website that I need to access on port 10443: https://<public IP>:10443. The connection never completes and times out. 

 

If I pull the PA FW out and throw in an ASA, works just fine. The logs on PA don't even show port 10443 being

...

dclark1 by L1 Bithead
  • 2529 Views
  • 8 replies
  • 0 Likes

SMTP weird characters

Hi everyone!

My client's SMTP traffic goes through ASA and Palo Alto and some other network application devices such as proxies and stuff.

At some point, the SMTP message gets some SMTP characters added.

 

I removed ASA ESMTP inspection just in case, and

...

incomplete and ddos drops

Hi

The following report shows incomplete

Database: Traffic Log
Columns: Source Zone, Source Address, Source Port, Destination Zone, Destination Address, Destination Port,
Application, Bytes
Query Builder: (app eq incomplete) and (port.dst leq 1023)

but

...

sib2017 by L4 Transporter
  • 1374 Views
  • 1 replies
  • 0 Likes

Importing device into Panorama with shared objects

Hello

 

I would like to import device into Panorama with all objects as shared into Panorama. I read the below line from PA documentation 

Import devices' shared objects into Panorama's shared context is enabled by default, which means Panorama imports ...

Download of Panorama for VM-Series Base Images

Dear PA,

 

Is there any release of Panorama for VM-Series Base Images available to download? If yes, where and how.

I need it to run in the VMware workstation player to test. 

I didn't see the in the software  Updates of my account. 

 

thank you.

 

r

...

Resolved! Aperture use

HI, anyone out there use Aperture yet? I have trial license which I have setup and added polices. Now what is suppose to happen? I see it show me Im now monitoring Salesforce and box.com but  as show below everyting is showing "0's after a week of ru

...

Screen Shot 2016-04-20 at 8.59.12 AM.png

Source IP address is set to "none"

Hello All,

 

Lately I am noticing some polices that the Source IP address set to none as shown below can anyone let me know if none act like any or not?

I think yes as I created policy from Noc_OSS zone with IP add 192.168.*.* toward Default zone wit

...

none.PNG
M.Hafi by L1 Bithead
  • 2351 Views
  • 6 replies
  • 0 Likes

Ethernet interfaces randomly resets

Hi,

 

I have an issue, I'm running PA-200 with PAN-OS ver. 6.0.12

 

I'm running Palo in Virtual Wire mode Eth1/1 is untrusted zone and Eth1/2 is trusted zone.

My problem is that from unknown reason the interfaces randomly just freeze (LEDs are going

...

ScreenShot412.png
jac_nor by L0 Member
  • 1590 Views
  • 3 replies
  • 0 Likes

Resolved! flush-dns flag in GlobalProtect registry resets to "no"

I'm currently having an issue with users having to do "ipconfig /flushdns" in order to gain access to certain network resources when connecting to VPN.

 

There is a registry entry called "flush-dns" located under HKEY_CURRENT_USER\Software\Palo Alto

...

as-mg by L3 Networker
  • 4777 Views
  • 1 replies
  • 0 Likes
Top Liked Authors