General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

VMware View rules configuration

Does anyone have any information on how to get user-id to work with a VMware View security server sitting in the DMZ? Right now the only way we can get PCoIP traffic to flow to is by specifying the ip of the VDI machine that is being connected to. Wh

...

Global Protect Troubleshooting

I have a portal and 3 gateway's setup.  From my home network and a couple other home networks Global Protect works with no issues,  We can disable the client, re enable it, change to different gateways on the fly and it connects right up.

Now for some

...

Global Protect: insert portal address via registry

With the help of a software deployment tool, we are looking to install the the GP client (v2.1.0) and then follow it up with a bat file to insert the portal address into the registry.  We want this to apply to all users.. (HKEY USERS).. however, the

...

rrau by L3 Networker
  • 3220 Views
  • 2 replies
  • 0 Likes

Upgrade to 5.0.14-h3 stopped traffic

We just attempted to upgrade some 5020's to 5.0.14-h3(mainly to patch the evasion vulnerability) and quickly found that the upgrade broke traffic traversing the firewall.  During the short period of time it we were running on 5.0.14-h3, there were a

...

jambulo by L4 Transporter
  • 1566 Views
  • 6 replies
  • 0 Likes

Resolved! What SSL/TLS versions are allowed for WEBUI

Hello,

I'm trying to verify which SSL/TLS versions and Ciphers the PANs accept for WEBUI connections.  Specifically I am trying to verify that it does not accept connections using weaker Protocols or Cipers and if it is configurable.

Please note that

...

Netflix application rolled in to web-browsing?

Last week I ran an ACC report for the top 25 applications.  Netflix was #3 (university environment, so it's to be expected).  Today, I ran the same report and Netflix (as an application) is no where to be found.  I launched Netflix on my computer to

...

bhelman by L2 Linker
  • 1788 Views
  • 3 replies
  • 0 Likes

Resolved! App-ID for Apple iOS Update

Hi All,

I'm preparing for tomorrow's iOS8 update.  Last year with iOS7, we got slammed on bandwidth.  This year now that we have the Palo Alto, I'm configuring QoS so that the iOS update doesn't eat all of our bandwidth.

Does anyone know what App-ID th

...

wocomike by L1 Bithead
  • 3395 Views
  • 5 replies
  • 0 Likes

User-ID IP mapping

Why does some traffic in the logs not have a user tied to the IP address at times even tho in the logs the IP has a user mapped to it most of the time.  This is causing policy to be dropped down to a different level.

Issue with static routes.

I look after a PA2050 running OS 4.1.8

I am trying to setup 2 new static routes in my virtual router but they are not being picked up when I do a show routing route or show routing fib after a commit.

One of the routes is a new one and the other is a r

...

phild by Not applicable
  • 3304 Views
  • 12 replies
  • 0 Likes

Resolved! How to remove an address-group member via XML API

Hi,

I would like to remove a single member from an address-group, here is the query I am sending:

https://firewall1.it.mydomain.net/api/?type=config&action=delete&xpath=/config/devices/entry/vsys/entry[@name='vsys1']/address-group/entry[@name='NameOfTh

...

Alextc by Not applicable
  • 2770 Views
  • 3 replies
  • 0 Likes

PAN in Layer 2 mode and Microsoft NLB

Hi!

Customer configured Palo firewall to work in Layer 2 mode to protect VLAN. In that VLAN there are two servers in MS NLB configuration. In VLAN configuration in Palo, static MAC entry is configured for virtual MAC address, but that entry isn't disp

...

mkopcic by L2 Linker
  • 2346 Views
  • 4 replies
  • 0 Likes

Resolved! App and Threat Compatibility MisMatch

Hey there,

I have 2 PA-500's currently on:

Software Version6.0.2GlobalProtect Agent1.2.3Application version461-2402 (10/14/14)Threat Version461-2402 (10/14/14)Antivirus Version1391-1863 (10/13/14)URL Filtering version4392

Software Version6.0.2GlobalProt...

Zewwy by L2 Linker
  • 4117 Views
  • 9 replies
  • 0 Likes

Resolved! PA-5020 Fans?

Just checking to see if this is normal.

I got a report today that the fan speed on our PA-5020 will speed up at random times, and calm back down. It's loud enough people can hear it outside of the closet.

Is that normal?

mharding by L4 Transporter
  • 1313 Views
  • 2 replies
  • 0 Likes
Top Solution Authors
Top Liked Authors