This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

BlackNurse Testing Causes issues on Egress Firewall

FYI It doesn't appear to require an attack to be an IP address bound to the PA.

 

It also appears that testing a remote firewall while egressing through a PA firewall causes your local firewall to experience DOS effects. It is not just inbound to an IP

...

bspilde by L4 Transporter
  • 2462 Views
  • 3 replies
  • 0 Likes

Resolved! TLS secured SMTP inbound inspection?

Hi,

I've recently had a client who's PAN appliance failed to pick up a Zero-Day piece of malware that found it's way into their network via email.

We have wildfire configured correctly and it transpires they are using opportunistic TLS on their mail re

...

Dpeters1 by L2 Linker
  • 14409 Views
  • 11 replies
  • 0 Likes

Resolved! show routing resource

When using  show routing resource command. Why is there a overlimit value when we are under the 2500 limit count

 

 

LOBAL ROUTING RESOURCE USAGE:
==========
All Routes (total): 1088 (limit 2500)
All IPv4 Routes (total): 1088 (limit 2500) (overlimit counts

...

BlackNurse Denial of Service Attack

http://www.netresec.com/?page=Blog&month=2016-11&post=BlackNurse-Denial-of-Service-Attack

Has anyone here tested the effect of this on any PAN-devices ?

http://blacknurse.dk says:
LIST OF REPORTED AFFECTED PRODUCTS :
Cisco ASA 5515, 5525 (default setting

...

Dulle by L2 Linker
  • 3784 Views
  • 4 replies
  • 0 Likes

Resolved! Different subnets on the same interface

Hi,

 

my ISP has assigned me with a /30 for the p2p connection and it is routing a /24 public subnet towards that /30. Meaning the WAN interface in the Palo will have to respond to many different ips on two different subnets. I haven't found any Kb tha

...

myrdin by L2 Linker
  • 9503 Views
  • 10 replies
  • 0 Likes

Block page for security policy matches

Is there a way to return a block page to users when their connection is blocked not by the URL-filter but by a security policy?

 

We have a security policy that blocks all outbound traffic to a list of foreign countries.  The problem is when users atte

...

fmurray by L1 Bithead
  • 1657 Views
  • 1 replies
  • 0 Likes

how to install PANOS in new HD

Hello Community,

 

I have my PA2020 with issues. The device is booting from PanOS Bootloader.

 

What is the proceess to upload and install again the PANOS?.

 

PA2020.JPG
Apadilla by L3 Networker
  • 2753 Views
  • 5 replies
  • 0 Likes

Is there any reason that tunnel interface will go down

Hi There,

 

I configured two IPSEC VPN on PA, as PA has two ISP connectivity. Configured a PBF to forward the traffic through primary tunnel interface and enabled monitoring to monitor trust interface of remote PA. A route was configured to forward the

...

fozail by L3 Networker
  • 3812 Views
  • 7 replies
  • 0 Likes

Resolved! Snapchat

Has anyone had success blocking Snapchat? We have a rule for blocking "bad" apps and Snapchat is presently in this list. In testing I can see that a reset-both occurs when the firewall detects the traffic and the application is recognized as Snapchat

...

rmiller1 by L1 Bithead
  • 12101 Views
  • 12 replies
  • 0 Likes

Resolved! Miner polling interval ?

I can't find information about polling interval in Dev guide or 'How to Write a Simple Miner'. What's the minimum, 1s, 60s ? Can it be cron like with day of the weeks or months etc (but less than 60s) ? 

niuk by L3 Networker
  • 5016 Views
  • 2 replies
  • 0 Likes

Resolved! Put Cisco MAC on PAN firewall? / Change interface MAC address

We're migrating from Cisco ASA to PAN firewalls.

The ASA is default gateway for many subnets & hosts.

 

To achieve a smooth migration, one thought is to put the ASA's MAC address on the PAN firewall, so that the hosts don't need to ARP for the new MAC.

 

...

khuang by L0 Member
  • 2394 Views
  • 3 replies
  • 0 Likes

multi-vpn

Is it possible to use a single install of globalprotects with multi vpn connections? I know you can set it up on a cisco vpn client but I don't see a way to do it on the GP client except for manualy changing the portal and lately that hasn't worked a

...

jdprovine by L4 Transporter
  • 2501 Views
  • 7 replies
  • 0 Likes

Change HDD in PaloAlto 5000 raid

Hi,

 

We have a PA-5000 with 2 HDDs. One of them had an error and we asked for RMA. We have received 2 HDD for replacement.If the new HDD has the same part-number as the old HDD working , we wil only add a new HDD but if the model is different we have

...

  • 24007 Posts
  • 102 Subscriptions
This widget could not be displayed.
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks