General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

scp export with unexported-only option

Hi,

I would like to know how to use the unexported-only feature with this command:

scp export log traffic to user@ip:/path/test.csv start-time equal 2016/08/14@00:00:00 end-time equal 2016/08/14@23:59:59

 

Also is it possible to invoke it through the API

...

amagri by L1 Bithead
  • 3462 Views
  • 4 replies
  • 0 Likes

Static Routes not Working

I have a network with in my network that I am trying to control access with user-id in the palo alto.  Before I can do this I need to get routing working.  The routing works just fine up to the palo alto in my test environment.  Each interface can ta

...

trees by L1 Bithead
  • 6194 Views
  • 4 replies
  • 0 Likes

Traps Host Information

Hi,

 

Are there any plans to include IP addresses in the logs emitted from the Traps ESM server? Currently only the system hostname appear to be in the logs, per documenation. IP addresses could be useful for querying against flow, pcaps, etc.

 

Thanks!

J

...

application not working.

I had a customer connecting to an application from trust to untrust. It was working and then suddenly stopped working.

I could see in the logs it was coming as port 443 and application -incomplete and then next day it started working with port 443 and

...

about mtu

Hello all,

 

There is a problem with a smb traffic(very very slow)

For the related source and dest. ip address 2 filter is configured and show counter output has :

 

flow_fwd_mtu_exceeded 9 3 info flow forward Packets lengths exceeded MTU
flow_ipfrag_frag

...

PanIst by L3 Networker
  • 1896 Views
  • 1 replies
  • 0 Likes

Resolved! Blocking macro-enabled Office files (docm, xlsm, etc)

The available file types that can be filtered doesn't include Office documents with macros (docm, xlsm, etc).  These are being used now to sneak garbage into the network.  Is there a way to ID them or are they on the horizon for inclusion in the file

...

gleduc by L1 Bithead
  • 8997 Views
  • 4 replies
  • 0 Likes

Resolved! Domain names in Security Policy

Does anyone know if it's possible to use a domain in a security policy? I know that I can use FQDN but what happens if I need to allow a wider range, such as *.zoom.us? Can this be done or am I out of luck?

BPry by Cyber Elite
  • 3620 Views
  • 4 replies
  • 0 Likes

MIB Value for Zone count

Hey all,

 

I've been digging around and just can't seem to find the answer to this so I'll ask here. I'd like know if there is an OID MIB value to the number of Zones currently configured on any particular firewall. I've browsed/search this OID: 1.3.6.

...

steveo by L3 Networker
  • 1993 Views
  • 0 replies
  • 0 Likes

GlobalProtect - Client Certificates Deployment

Greetings,

 

I have used the following article to distribute client certificates for GlobalProtect:

 

https://live.paloaltonetworks.com/t5/Configuration-Articles/How-to-Issue-Certificates-to-GlobalProtect-Devices/ta-p/53642

 

My understanding is that with

...

Creid by L0 Member
  • 1855 Views
  • 2 replies
  • 0 Likes

QoS and interfaces - some conception advice needed

Hello

 

I will migrate fom PA200 to PA500. I have some local networks (DMZ, Wifi for students, Wifi for stuff, LANs)

I need to use QoS but I need some advice with that.

 

I know that I can controll only on outgoing interfaces but I have no idea how to get

...

_slv_ by L4 Transporter
  • 2677 Views
  • 6 replies
  • 0 Likes

Resolved! VM-300 Steps validation

Can some please these are the initial steps for setting up VM-300 in NSX?

 

1) Register auth codes for VM's

2) Download the base-image on he VM that will host  VM-300 firewall

3) When download of sofware is complete I should UUID an dCPUUID

4) After base

...

Mounting Orientation for PA-500 (Vertical - Wall Mount)

Does anyone know if the PA-500 can be mounted using a 19" Rack mall mount bracket?

(Front = Up) (Back = Down).

Using something similar to this?

https://www.startech.com/Server-Management/Racks/2U-19in-Steel-Vertical-Wall-Mount-Equipment-Rack-Bracket~RK2

...

mjdut18 by L0 Member
  • 1394 Views
  • 1 replies
  • 0 Likes
  • 24304 Posts
  • 99 Subscriptions
Top Solution Authors
Top Liked Authors
Labels