General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

JayGolf_0-1691518400714.jpeg
JayGolf by Community Team Member
  • 1968 Views
  • 1 replies
  • 11 Likes

TRAPS Syslog Timezone format

The TRAPS User Manual states that the date/time of the each logged event is in UTC.  Unfortunately, when sending logged events from the ESM to a Syslog server, the timezone is not specified so that Syslog server cannot correct the time to the local T

...

jwolach by L4 Transporter
  • 1578 Views
  • 0 replies
  • 0 Likes

Report about all rules from zone 1 to zone 2

Hello,

 

After a Migration I have many rules from zone1 to zone2 set to any any.

Some of them are highlighted as not used rules.

 

I think about a report of all Rules displaying their activity without copying and pasting each rulename to a custom rep

...

rkra by L2 Linker
  • 1467 Views
  • 1 replies
  • 0 Likes

Resolved! Limitation IPsec VPN performance

Hello

 

I have 2 PA-500 in active-passive mode (Pan-os 6.1.0)

In the model specification PA-500 shows that "IPsec VPN performance" is 50 Mbps.

I want to make an IPSec VPN tunnel with a cloud provider. The speed that gives me supplier for the tunnel is

...

About Share Level

Quick note about share_level attribute in indicators

 

Each indicator has an associated share_level attribute. There are 3 possible values for this attribute: RED, YELLOW or GREEN. This attribute is added to the indicator by the Miner to signal to ot

...

lmori by L7 Applicator
  • 10775 Views
  • 0 replies
  • 2 Likes

Panorama 7.0.6

Hi,

 

We have several Palo Alto FWs in diferent PanOS. W want to update our panorama to version 7.0.6 but we dont know if this panorama in 7.0.6 could manage FWs in PanOS 5.0???

 

Regards,

Jesus C.

Resolved! Panorama userid obfuscation

For a new panorama deployment, a customer is asking if access to panorama logging can be configured in such a way that the USERID is invisible or obfuscated with a number. View this is in light of user privacy protection in an international context a

...

deecee by L0 Member
  • 1791 Views
  • 1 replies
  • 0 Likes

Blocking LinkedIn-Publish A Post

Has anyone been successful in blocking the Publish A Post option on LinkedIn. I don't kknow how to do custom application blocking if it is needed and tech support just said they would submit a feature request.

 

Thank You

ANorton by L0 Member
  • 2608 Views
  • 3 replies
  • 0 Likes

Resolved! reset-client vs. reset-server

How do you decide on the action for a particular threat? For drop, tcp will still retry. With recent what is the general practice, reset-both, reset-client or reset-server?

Active Directory Testing

Hello Community,

 

My first posting here.

 

I have successfully configured LDAP / Active Directory on my VM ESXi. 

 

My Palo Alto can connect to the AD, see image

However, I don't know how to test to see users in the monitoring logs. I will need a VM

...

LDAP.png

Group Mapping

I have created my LDAP server profile and my group mapping under user identification. However when I try and force the group update I get an error.

 

Server error : op command for client useridd timed out as client is not available

 

Any ideas?

JeffTQT by L2 Linker
  • 2191 Views
  • 1 replies
  • 0 Likes

Resolved! URL FILTERING

 

 

dear engineers.
could you help me!!

I have the following problem with the URL filter:

I commented that I have blocked the streaming media category in which enters youtube

when I open firefox without any problem with the rule applies both http and htt

...

chromeyou.JPG
firefoxyou.JPG
Edluna by L1 Bithead
  • 3235 Views
  • 5 replies
  • 0 Likes

How to resolve simultaneous rekey using IKEv1 IPSec

Hello.

 

We have a VPN between PA and Cisco ASR, and are seeing simultaneous phase2 rekeys.

 

 

SYSTEM,vpn,0,2016/05/02 12:54:25,,ike-nego-p2-simul-delay,x.x.x.x[500],0,0,general,informational,"simultaneous phase-2 rekey request detected, peer is not

...

schung2 by L0 Member
  • 2402 Views
  • 0 replies
  • 0 Likes

Resolved! Support for static local IP and Domain Lists

I'd like to start by saying, that this is an amazing tool! Thanks for sharing this, it has great potential and my customer is excited. One question: is there currently any support for creating and maintaining local IP and domain blocklists on the Min

...

nbilal by L3 Networker
  • 4929 Views
  • 4 replies
  • 0 Likes

Google Drive Sync client with Decryption

There seemed to be a work around in the past where you could launch googledrivesync.exe with a --unsafe_network switch that would allow it to deal with the decryption because they seem to have their own preloaded set of CA's the client trusts and doe

...

bbilut by L3 Networker
  • 2309 Views
  • 1 replies
  • 1 Likes