Enhanced Security Measures in Place:   To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.

General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 28 Views
  • 0 replies
  • 0 Likes

show counter global filter category flow aspect dos

 

Hi,

 

 

Below is  output of  'show counter global filter category flow aspect dos' 

 

What does it mean by value and rate . Does it mean '143291' packets dropped ?     

 

namevaluerateseveritycategoryaspect      flow_dos_red_tcp11432910dropflowdosf...

sib2017 by L4 Transporter
  • 4699 Views
  • 11 replies
  • 0 Likes

PA blocks outbound port 10443, doesn't show up in logs

I have and external website that I need to access on port 10443: https://<public IP>:10443. The connection never completes and times out. 

 

If I pull the PA FW out and throw in an ASA, works just fine. The logs on PA don't even show port 10443 being

...

dclark1 by L1 Bithead
  • 3574 Views
  • 8 replies
  • 0 Likes

SMTP weird characters

Hi everyone!

My client's SMTP traffic goes through ASA and Palo Alto and some other network application devices such as proxies and stuff.

At some point, the SMTP message gets some SMTP characters added.

 

I removed ASA ESMTP inspection just in case, and

...

incomplete and ddos drops

Hi

The following report shows incomplete

Database: Traffic Log
Columns: Source Zone, Source Address, Source Port, Destination Zone, Destination Address, Destination Port,
Application, Bytes
Query Builder: (app eq incomplete) and (port.dst leq 1023)

but

...

sib2017 by L4 Transporter
  • 1698 Views
  • 1 replies
  • 0 Likes

Importing device into Panorama with shared objects

Hello

 

I would like to import device into Panorama with all objects as shared into Panorama. I read the below line from PA documentation 

Import devices' shared objects into Panorama's shared context is enabled by default, which means Panorama imports ...

Download of Panorama for VM-Series Base Images

Dear PA,

 

Is there any release of Panorama for VM-Series Base Images available to download? If yes, where and how.

I need it to run in the VMware workstation player to test. 

I didn't see the in the software  Updates of my account. 

 

thank you.

 

r

...

Resolved! Aperture use

HI, anyone out there use Aperture yet? I have trial license which I have setup and added polices. Now what is suppose to happen? I see it show me Im now monitoring Salesforce and box.com but  as show below everyting is showing "0's after a week of ru

...

Screen Shot 2016-04-20 at 8.59.12 AM.png

Source IP address is set to "none"

Hello All,

 

Lately I am noticing some polices that the Source IP address set to none as shown below can anyone let me know if none act like any or not?

I think yes as I created policy from Noc_OSS zone with IP add 192.168.*.* toward Default zone wit

...

none.PNG
M.Hafi by L1 Bithead
  • 4470 Views
  • 6 replies
  • 0 Likes

Ethernet interfaces randomly resets

Hi,

 

I have an issue, I'm running PA-200 with PAN-OS ver. 6.0.12

 

I'm running Palo in Virtual Wire mode Eth1/1 is untrusted zone and Eth1/2 is trusted zone.

My problem is that from unknown reason the interfaces randomly just freeze (LEDs are going

...

ScreenShot412.png
jac_nor by L0 Member
  • 1986 Views
  • 3 replies
  • 0 Likes

Resolved! flush-dns flag in GlobalProtect registry resets to "no"

I'm currently having an issue with users having to do "ipconfig /flushdns" in order to gain access to certain network resources when connecting to VPN.

 

There is a registry entry called "flush-dns" located under HKEY_CURRENT_USER\Software\Palo Alto

...

as-mg by L3 Networker
  • 5747 Views
  • 1 replies
  • 0 Likes

Restart UserID will affect to the service?

Hi,

 

If i run these commands in FW will affcet to the service???

 

Please try restarting the User-ID 
>Debug software restart process user-id

>Debug user-id reset user-id-agent all

 

How log affect to the users? Should i ask for a window maintenance

...

Active-Active NAT Rule Binding

I can't find anything which goes into enough detail on Active-Active design around NAT and more importantly ARP.

The easiest way to explain the current deployment is as follows:

  • Site 1 / Firewall A
  • Site 2 / Firewall B

Each firewall is connected to uni

...

CHammock by L2 Linker
  • 4466 Views
  • 3 replies
  • 0 Likes

Best practice for blacklisting App-IDs

What is the best practice for blacklisting potentially harmful Application ID's(from "trust" to "untrust" over 80/443)?

 

I started blocking on specific App-ID's, but maintaining this blacklist per App-ID will be kind of cumbersome.

 

I'm thinking ab

...

jambulo by L4 Transporter
  • 3597 Views
  • 4 replies
  • 0 Likes
  • 23584 Posts
  • 107 Subscriptions
Labels