General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! Tag Static Routes that are Redistributed by OSPF

I need to tag static routes that are being redistributed by OSPF but I am getting confused on where the tag should be applied. Does the tag need to be applied in Virtual Router -> Redistribution Profile -> OSPF Filter -> Tag or does it need to be specified in the OSP Export Rules in Virtual Router -> OSPF -> Export Rules -> New...

VFW interface is down after configuring

Hi all, I am new to the paloalto vFW. I am using vFW VNF in openstack and after confoiguring the interface 1/1 and 1/2, both interface state is showing as down. I have configured as per the topology made in openstack. Please suggest how to make interface state enable.

No management access https since upgrading to 6.0.1

I have upgraded several devices from 5.0.8, but of course the last one has to give me grief. Since upgrading from 5.0.8 to 6.0.1, I can no longer ssh or https to the management port (or any other interface on the firewall). The only way I can get on the box is to ssh to a router that is directly connected, then ssh from there to the firewall (PA...

froggyj by Not applicable
  • 10158 Views
  • 6 replies
  • 0 Likes

Unable to commit

I have a PA-200, managed by Panorama and running 7.1.7. All of the sudden I can no longer commit to the firewall, and I get the error: Details:. Internal error during commit processing. Commit/Validate failed. Invalid configuration. Logs on the firewall have these errors:2017-02-13 09:06:11.914 -0600 Error: pan_cfg_mgr_get_sp_disabled(pan_cfg_m...

Researching information on a phishing attack that we are experiencing

I thought I would reach out and see if the team at Palo Alto or the user community could shed some light on this one. We are experiencing a phishing attack on random workstations (luckily only 5 at the moment) hyjacking Outlook to send out Document Download links to people in an address book. We have not yet discovered the payload or how it is...

1.png
2.png
3.JPG
4.jpg
NickThen by L2 Linker
  • 3558 Views
  • 2 replies
  • 0 Likes

Skype no audio with allow rule

Dear Team, Recently we have experianced a skype no audio issue with the latest skype version. We have allowed skype and skype-probe to a test PC and still we have no audio. But when I do a any application allow then we get clear audio. However, with a old skype (version 7.7) audio is working. (latest version 7.37 ) audio is not working. Could yo...

Panorama CLI Help

Trying to script some panorama configuration and trying to figure out how to do the following: Is it possible to add a managed device to Panorama from the CLIIs it possible to create a template-stack from the CLI?

Resolved! feed authentication with PAN-OS 8.0

I have enabled feed authentication on our MineMeld Server: https://live.paloaltonetworks.com/t5/MineMeld-Discussions/Minemeld-Feed-Password-OR-api-security/td-p/131716 I did a quick test with curl and it works as i expected. Unfortunataly our PAN FW (PAN-OS 😎 did not like the change. I just get the error "URL access error" on the Firewall ...

panos.png
faeppli by L1 Bithead
  • 5733 Views
  • 2 replies
  • 0 Likes

gamenet.ru false-positive

Hello,​I represent GameNet technical support service (www.gamenet.ru). We are designed an application QGNA for our customers (over 10 000 000 people) for game launch.​Direct link for test on VirusTotal:https://www.virustotal.com/ru/file/6f6f19e994c1c7049ce4b3db06f6ab93aaa353557b68e2232f2178e97f4968bd/analysis/1488899966/​Waiting for your respons...

Resolved! Monitor subinterfaces and get NetFlow statistics

Hi,We have a PA-5020 and configured a few AGG interfaces with subinterface; recently, we installed a SolarWinds NTA to get NetFlow statistics, but I am not able to get anything from this device.I have created a profile and applied to the subinterface through which the Internet traffic goes, but it does not send any information to the NetFlow col...

MMCiobanu by L3 Networker
  • 16984 Views
  • 20 replies
  • 0 Likes

Resolved! blocking apps on non-default ports

Hi, Sadly don't have PA to play around at the moment, so have to pass this question for all you out there as I'm sure I cannot be first one with such an idea. What is the best way to block apps on their non-default ports?Basically, allow apps ONLY on their application-default ports. My first thought was like:Rule1 - src: trust, dst: untrust, app...

nikoo by L3 Networker
  • 4845 Views
  • 4 replies
  • 0 Likes

Resolved! Can I enforce security based in AD Computer groups yet?

I see history here indicating the user-id agent has been blind to computer names when the group membership is added to user IDs. The CLI DOES show the computer name as a userID (with a post-pended $) and the groups are mapped correctly to the computer group I created and dumped the computer in. On the other hand the USER signed into that comput...

JWileyR by L1 Bithead
  • 4729 Views
  • 3 replies
  • 0 Likes
  • 24400 Posts
  • 123 Subscriptions
Top Solution Authors
Labels