This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Resolved! Replace 'srcloc' for RFC1918 IPs?

We are using the 'srcloc' field in our logs, and it's pretty handy for Out-->In traffic. But for In-->Out traffic, we get the "10.0.0.0-10.255.255.255' value. This is MUCH too large and a lot less useful. Is there a way to edit the table so that we use a custom code for RFC1918 addresses instead?

ptrivino by L0 Member
  • 2891 Views
  • 2 replies
  • 0 Likes

PAN OS 8 Could not connect to Cloud : SSL/TLS Authentication Failed

After an upgrade to PAN OS 8 i keep getting this critical event and i've seen it on multiple firewalls. domain: 1receive_time: 2017/02/27 10:20:46serial: xxxxxxxxxxseqno: 3449381actionflags: 0x0type: SYSTEMsubtype: generalconfig_ver: 0time_generated: 2017/02/27 10:20:46dg_hier_level_1: 0dg_hier_level_2: 0dg_hier_level_3: 0dg_hier_level_4: 0vsys...

Resolved! What is the difference between a named configuration and device state

I have a PA-200 that I need to reset to default factory settings, and I usually grab the configuration, export it and then import it, but then I saw "export device state" and how that would speed up the process if I grabbed that right before the reset. I looked around and I am still a little fuzzy as to what the difference between the files are,...

tebert by L1 Bithead
  • 7246 Views
  • 2 replies
  • 0 Likes

PAN-OS 8.0 - Automatic SSL Decryption Exclusion

Out of curiousity...Doesn't seem too technically smart for a firewall / security appliance come built-in with 121+ Internet based domains to include foreign domains which are automatically excluded from SSL Inspection: From the user help doc: Predefined decryption exclusions allow applications and services that might break when the firewall decr...

SSL_Decryption.JPG

Problem wildfire logs after upgrade fw from 6.1 to 7.1

Hi alli have 2 firewalls managed by panorama, everybody with 7.1.5 recently upgraded from 6.1.I have a wildfire public cloud configured for an smtp rule to check any file contained in every mail.A wildfire analysis object profile: After the upgrade i don't see any more in the Monitor-Data filtering- forward/wildfireupload-skip/success.And i ...

wildfire.JPG

Routing issue

Hi, We are expecting a routing problem. Our Pa is learning router from eth1 from OSPF, so the VoIP traffic is going through this interface properly, on the another hand we have a VPN configured in another ISP just in case OSPF goes down. the problem is that OSPF is working fine and suddenly some connections (same source/destination) are going th...

Captura1.JPG

ACC graphs misrepresent the start times and the amount of traffics got transfed

Hi, I have an session this morning that ran from 7:38 to 9:29. The traffic log shows it recevied 6.5GB data and sent 473MB in that session within that period of time. If I go to ACC and select 6 hours and filter by application, From this screenshot, I am under the impression (Under the User|Source|Destination IP Activity), that session happ...

Screen Shot 2017-02-24 at 10.11.15 AM.png
Screen Shot 2017-02-24 at 10.22.40 AM.png

Disable Hardware Offload

Hi All, Whats the purpose of "Disable Hardware Offload" in Palo Alto Firewall ? Any traffic that is offloaded to the field-programmable gate array (FPGA) offload processor is also excluded, unless you turn off hardware offload. Can anyone please explain this more simpler manner, which i cant underrstand the concept and where to apply this ? Than...

Usage of Security Policy in Palo Alto Firewall

hi All, I am bit confuse of the usage of rule no 2 and 3. Eventually they will deny the traffic. But which two benefits are gained from having both rule 2 and rule 3 presents? Any clarification please.A. A report can be created that identifies unclassified traffic on the network.B. Different security profiles can be applied to traffic matc...

PA1.JPG

PAN-OS 8.0 Updates

I've recently upgraded a lab 200 to 8.0 from 6.1.4. After upgrade I couldn't get it to connect out for Software or Dynamic updates, getting an error saying no connectivity basically. I saw the changes about where communication via the mgmt interface has changed, and thought I had accounted for everything correctly, but I guess I must have missed...

Resolved! SIP aged-out session being left in the DISCARD state

Hi Guys, Has anyone come across this when the aged-out SIP session being left in the DISCARD state and the only way you can fix the issue is to clear the session with > clear session id 380025 command. xxxxxxxxxxxxxx(active)> show session all filter source xxxxxxxxxxxxxx----------------------------------------------------------------------...

Resolved! How do you do validation testing?

Hi all, I'm wondering if any of you do your own validation testing of security patces for PAN-OS and vulnerabily signatures. Example being, do you confirm your edge is vulnerable to a specific CVE, and then after patching do you confirm it's no longer vulnerable, and if so (any version of this kind of thing) what tools or processes do you use t...

Bug in GlobalProtect client

Hello, Global Protect client MSI is not installed correctly. Uninstall string is not correct : msiexec /I should be msiexe /X Silent uninstall of current version (3.1.4-7) in my case : MsiExec.exe /X{6AC613AB-3F53-424B-BED2-570C7869F30F} /QN Latest version 3.1.5-9 has the same error / problem.

Resolved! Help issue, wildefire dosn't upload file anymore

Hi alli have this little issue.We have activated wildefire on smtp to control and upload any permitted files to cloud for analysis. It started well and for a 6 days it sand files ad after malicious submissions it started to block files.But the last 2 days it stopped the process and in log we found only alert/forward and no more wildefire-upload...

  • 24379 Posts
  • 123 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks