This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Resolved! PANs as internal routers?

We are planning to make our Palo Alto (pair) into the main internal router for a decent sized enterprise data center and about 300 users. A pair of Arista routers will be our external WAN/BGP routers. Is using the PAN as a router considered a best practice? Is it an acceptable practice from a speed/performance perspective? We plan to hairpin a l...

dlazzaro by L1 Bithead
  • 6168 Views
  • 5 replies
  • 1 Likes

New-old VM models

Hi All, I have been updated with new information on "Colossal event" , but some things remain grayed... Example, I have VM-100 almost five years in production environment and I see that it got muscles right now. So I have several doubts regarding my "old" VM-100... What going to happend with licensing fee if consider resource increasing?How to ...

Tician by L3 Networker
  • 5353 Views
  • 5 replies
  • 0 Likes

Corporate Credential Submission / Phishing protection in PANOS 8.0

Good Morning, I'm lucky enough to work with a few early adopters and have PANOS8.0 running in several production locations on VM and 3000 series appliances. So far, business as usual with the "old" feature set.... I've now setup Credential Protection on two of these sites, using the RODC method to spot username/password combos, rather than just ...

Dpeters1 by L2 Linker
  • 3016 Views
  • 1 replies
  • 1 Likes

How to exporting URL log to CSV with comma inside URL field?

Hello, I'm exporting the URL log to CSV file (I'm using CLI csp export), but I'm having a issue when I try to import this log in MS Excel because some URL have a comma, that break the columns in a wrong way.Anybody knows if is there a way to export the URL field between double quote? I'm think that user_agent field can do the same issue.

Lauro by L1 Bithead
  • 6679 Views
  • 8 replies
  • 0 Likes

Resolved! EBL policy (URL & IP)

Hello, We have succesfully implemented the EBL with an Dynamic IP List,We also want to block destinations URL based , so i've created an Dynamic URL list. Is it possible to combine both objects into one security policy or do I have to create seperate policies?I am not sure about this and hope someone can answer my question. Best Regards,Patrick

ppater by L1 Bithead
  • 2333 Views
  • 1 replies
  • 0 Likes

Log Retention

I forward all my device logs to Panorama. I just noticed that the logs only go back 1 day. How can I enable longer retention? Is there a setting for that?

PANOS Autotag Workflow

I understand we can now add action to dynamic update source / destination IP to our DAG by log forwarding profile. Can i create 2 traffic profile, 1 for forwardining to syslog another 1 to update the DAG? How does it work. Thanks

On-Site-Spare (OSS) revert License

Dear all,Pls help meI transfered license to Spare device for PAN-OS upgrade, now I can not revert the license back to Primary device, is there any suggestion for me in this case?

Huy by L1 Bithead
  • 4100 Views
  • 4 replies
  • 0 Likes

Is there a Captive Portal type solution for non http/https services?

I am looking for a method to force identify users coming in over the internet trying to connect to an internal resource using MS-RDP. I originally thought I could use Captive Portal for this but CP documentation indicates its only works with HTTP & HTTPS....obviously this makes sense because without an http interpreter, how else could an app...

Ethernet logs on palo alto

My internet link is terminated on ethernet 1/3 of palo alto firewall, how can i can find ethernet logs on firewall to troubleshoot circuit issue and report it to service provider?

Resolved! Looking for PANOS 8.0 spec sheet

Hi, With the new hardware platform (PA220, 800 series and 5200 series) and new PAN OS 8.0 released. I am looking for a comprehensive cheat sheet that has all the limitation on all the PAN firewalls running on 7.1 and 8.0, ie, # of ARP# of ipv6 neighbor table# of vlan supported # of IPv4 routes# of IPv6 routes# of RIP # of OSPF Peers# of BGP ...

DIPP A/A Enviroment Floating IP

Hi Guys, we´ve an Active/active Cluster enviroment. For the normal Internetconnection we will use Source/Hide NAT (DIPP).At the moment we will NAT on both firewalls the traffic through the interface IP. This works fine, the failover isok only one paket lost during failover. The proble is, that in the case of an failover the Users will access the...

mschwab by L1 Bithead
  • 3014 Views
  • 3 replies
  • 0 Likes

topology

Hi, I have the below topology .Planning to put PA in vwire mode in betweent the asa and core in active standby.If r1 fails and asa1 is active and asa2 is standby ,asa2 will become active .. Lets say pa1 is active and pa2 is standby .When asa changes active standby order ,is it possible pa changes the same order as asa do . Or what is the pros ...

PA.png
sib2017 by L4 Transporter
  • 5567 Views
  • 8 replies
  • 0 Likes

Opened session remains after threat triggered block-ip. WTF!

Hi, I've been testing the block-ip action in spyware DNS signatures. I was an RDP session before the threat triggered the block-ip action. Then, no more connections are allowed (what is OK), but the RDP session remains open. Is this a normal behaviour? I think the FW should reset all the sessions previosly established for the blocked IP, shouldn...

ACortes by L2 Linker
  • 2820 Views
  • 1 replies
  • 0 Likes
  • 24381 Posts
  • 123 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks