General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question. Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

JayGolf_0-1691518400714.jpeg
JayGolf by Community Team Member
  • 2849 Views
  • 2 replies
  • 13 Likes

PA-VM Update Check Fails

We have recently deployed PA-VM to ESXi for testing and we have found that any attempt to upgrade the unit fails with a very vague message.

 

cfg.platform.serial': NO_MATCHES 'cfg.general.vm-mode-type': NO_MATCHES 2016-03-10 09:14:42.447 -0800 updater ...

xandout by L1 Bithead
  • 8028 Views
  • 10 replies
  • 0 Likes

7.0.3 upgrade

I am planning on upgrading the PA 5050 os from 6.1.7 to 7.0.3. I have been reading over the changes and I think it would be beneficial to see examples instead of description of what changes are , anyone have any recommendations

jdprovine by L4 Transporter
  • 10175 Views
  • 27 replies
  • 0 Likes

Resolved! Block Vpn

Hi,

How to block ssl vpn and  ipsec vpn going from trust to untrust .

 

I suspect few users are using  like free vpn services like  tunnel beer and hola vpn .

 

How can i  search those users  from palo alto log.

 

Some users are connected from inside

...

sib2017 by L4 Transporter
  • 3601 Views
  • 2 replies
  • 0 Likes

PA doesn't cover DROWN Attack?

A customer has been warned about DROWN attack (https://drownattack.com/) on one of its servers. As a server is behind PA I thought there was no risk. But searching through signature database I didn't find anything about DROWN attack. I've also checke

...

santonic by L6 Presenter
  • 5033 Views
  • 8 replies
  • 1 Likes

Resolved! Multiple PBF probes?

We would like to configure PBF to failover when several conditions are met. For instance, if we can't ping our next hop AND we can't ping some public server(s). The idea being, while our next hop might be pingable, there may be a routing issue in the

...

cburke by L1 Bithead
  • 3119 Views
  • 5 replies
  • 0 Likes

UserID instances

I would like to know if we can use the same UserID agent software for 2 domains in different windows machines. If we cant do it, we need to know if we can run 2 diferent instances of UserId agent in the same windows machine pointing to 2 different do

...

"Unusual traffic from your computer network"

Hi,

Users are often getting the message from google and they are forced to enter captcha  "Unusual traffic from your computer network",when i check palo alto it seems very normal . 

Is there a way to classify  or monitor the users who really sending

...

sib2017 by L4 Transporter
  • 7456 Views
  • 1 replies
  • 0 Likes

Resolved! Can we tweak a vuln threat sig settings?

I'm looking to tweak the "40015 SSH User Authentication Brute-force Attempt" which currently fires at 20 ssh attempts within 60 seconds - I'm looking to increase that 20 number. For some reason I can't think of how to easily tweak it right now... may

...

ulti by L3 Networker
  • 4815 Views
  • 2 replies
  • 0 Likes

Software packet buffer depletion

We're currently observing something quite interesting:
On our highly oversized PA-5050 firewall, software packet buffer 0 is, for several hours a day exhausted.

 

This is the platform (pair that runs in High Avalailability A/P):
family: 5000
model: PA-5

...

Dulle by L2 Linker
  • 6677 Views
  • 6 replies
  • 0 Likes

Resolved! OSPF with redundant route

Hello.

Currently we use OSPF as our routing protocol between five locations over a layer two IP Ethernet network provided by telco A. In order to get carrier diverse routes and add redundancy we are adding a second similar network provided by Telco B

...

ldavie by L2 Linker
  • 3628 Views
  • 3 replies
  • 0 Likes
  • 24006 Posts
  • 99 Subscriptions
Top Solution Authors
Top Liked Authors