General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question. Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

JayGolf_0-1691518400714.jpeg
JayGolf by Community Team Member
  • 2931 Views
  • 2 replies
  • 14 Likes

Traps Host Information

Hi,

 

Are there any plans to include IP addresses in the logs emitted from the Traps ESM server? Currently only the system hostname appear to be in the logs, per documenation. IP addresses could be useful for querying against flow, pcaps, etc.

 

Thanks!

J

...

application not working.

I had a customer connecting to an application from trust to untrust. It was working and then suddenly stopped working.

I could see in the logs it was coming as port 443 and application -incomplete and then next day it started working with port 443 and

...

about mtu

Hello all,

 

There is a problem with a smb traffic(very very slow)

For the related source and dest. ip address 2 filter is configured and show counter output has :

 

flow_fwd_mtu_exceeded 9 3 info flow forward Packets lengths exceeded MTU
flow_ipfrag_frag

...

PanIst by L3 Networker
  • 1840 Views
  • 1 replies
  • 0 Likes

Resolved! Blocking macro-enabled Office files (docm, xlsm, etc)

The available file types that can be filtered doesn't include Office documents with macros (docm, xlsm, etc).  These are being used now to sneak garbage into the network.  Is there a way to ID them or are they on the horizon for inclusion in the file

...

gleduc by L1 Bithead
  • 8562 Views
  • 4 replies
  • 0 Likes

Resolved! Domain names in Security Policy

Does anyone know if it's possible to use a domain in a security policy? I know that I can use FQDN but what happens if I need to allow a wider range, such as *.zoom.us? Can this be done or am I out of luck?

BPry by Cyber Elite
  • 3276 Views
  • 4 replies
  • 0 Likes

MIB Value for Zone count

Hey all,

 

I've been digging around and just can't seem to find the answer to this so I'll ask here. I'd like know if there is an OID MIB value to the number of Zones currently configured on any particular firewall. I've browsed/search this OID: 1.3.6.

...

steveo by L3 Networker
  • 1924 Views
  • 0 replies
  • 0 Likes

GlobalProtect - Client Certificates Deployment

Greetings,

 

I have used the following article to distribute client certificates for GlobalProtect:

 

https://live.paloaltonetworks.com/t5/Configuration-Articles/How-to-Issue-Certificates-to-GlobalProtect-Devices/ta-p/53642

 

My understanding is that with

...

Creid by L0 Member
  • 1809 Views
  • 2 replies
  • 0 Likes

QoS and interfaces - some conception advice needed

Hello

 

I will migrate fom PA200 to PA500. I have some local networks (DMZ, Wifi for students, Wifi for stuff, LANs)

I need to use QoS but I need some advice with that.

 

I know that I can controll only on outgoing interfaces but I have no idea how to get

...

_slv_ by L4 Transporter
  • 2540 Views
  • 6 replies
  • 0 Likes

Resolved! VM-300 Steps validation

Can some please these are the initial steps for setting up VM-300 in NSX?

 

1) Register auth codes for VM's

2) Download the base-image on he VM that will host  VM-300 firewall

3) When download of sofware is complete I should UUID an dCPUUID

4) After base

...

Mounting Orientation for PA-500 (Vertical - Wall Mount)

Does anyone know if the PA-500 can be mounted using a 19" Rack mall mount bracket?

(Front = Up) (Back = Down).

Using something similar to this?

https://www.startech.com/Server-Management/Racks/2U-19in-Steel-Vertical-Wall-Mount-Equipment-Rack-Bracket~RK2

...

mjdut18 by L0 Member
  • 1336 Views
  • 1 replies
  • 0 Likes

User-ID causing high CPU

Hello People, 

 

My client has receently upgraded to 7.1.3 and now the management plane is constantly running 100% on all firewalls. 

 

This is the following message displayed and filling up the userid.log

 

2016-07-22 16:43:38.660 +0100 Error: pan_user_id

...

Looking to Learn Palo Alto

Looking for advice on cheapest way to learn Palo Alto? I am a consultant and dont have any Palo Alto licenses. Is a VM lab license affordable, is there trials or is ebay the best option?

 

Thanks in advance!

daveram by L0 Member
  • 4018 Views
  • 8 replies
  • 0 Likes
  • 24029 Posts
  • 99 Subscriptions
Top Solution Authors
Top Liked Authors