General Topics

Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 778 Views
  • 0 replies
  • 0 Likes

HA pair on different os version

I have a HA pair (active/passive) that I want to upgrade from 6.1.11 to a stable version of 7.  I also am using global protect with certs. According to some information I gathered from the community if I upgrade to what I was told was the current mos

...

jdprovine by L4 Transporter
  • 6684 Views
  • 14 replies
  • 0 Likes

Where to apply Anti-Spyware Profiles

I've looked around in various places and can't seem to find a definitive answer on this. In regards to anti-spyware profiles, is there any need to apply these to security policies with a source of the outside Internet zone bound for your inside netwo

...

Resolved! Anyone having issues with Threat ID 40059 (HTTP Brute Force)?

Palo Alto pushed out an update to the HTTP Request Brute Force Attack signature (40059) on 06-15. Since then I've seen a rash of threats being identified from Akamai Technologies IP addresses (about 8 different addresses). I'm wondering if anybody el

...

BPry by Cyber Elite
  • 3614 Views
  • 2 replies
  • 1 Likes

IPsec Phase 2 Lifesize Coutdown

On an Phase 2 IPsec SA with a non-zero lifesize, I see the proposed initial lifesize in the "show vpn ipsec-sa" output,

crclark@<redacted>-pa5050b(active)> show vpn ipsec-sa tunnel <redacted>-cisco-gw

GwID/client IP  TnID Peer-Address           Tunnel(

...

cosx by L2 Linker
  • 8585 Views
  • 5 replies
  • 0 Likes

Identifying Applications

Hi guys,

 

Got an odd one here. Traffic is being identified as a completely different application to what the traffic actually is. For example, see below.

 

I've cleared the dataplane cache and re-downloaded the DB categorisation as per the document

...

traffic application.png

New to Palo Alto

Hi all

I am a firewall engineer and I am completely new to Palo Alto firewalls. Would any of you be able to recommend any training, certification I should start with?

 

Thank you in advance. 

 

M

cve-2009-3555

Hello

 

When scanning management interface or enabled https layer3  interface it shows the related vulnerability,

 

is there a way to fix.version is 6.1.10

 

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3555”

 

thanks.

 

PanIst by L3 Networker
  • 2868 Views
  • 2 replies
  • 0 Likes

Custom DNS name

We have a DNS name genieo that is not being recognized and is not included in the signatures. Two things first is there a way to identify it with a custome signature with the object/anti-spyware  and then be able to send it to a sinkhole?

jdprovine by L4 Transporter
  • 4153 Views
  • 10 replies
  • 0 Likes

Related with QoS...

Hi,

I'm trying to understand a QoS functionality, let's see if anyone can help on this case.

I have a webserver on a DMZ and want to asure 15Mb from inside to outside, that is, in case of congestion in DMZ, priorize the Http traffic (respond http reque...

ilnanu by L1 Bithead
  • 5941 Views
  • 8 replies
  • 0 Likes

FTP connections jumping rule

Hi,

 

we have 2 rules. the first one filtering by application FTP 

and the second one with the same source/destination like the rule above and using any/any permit.

 

We run ftp connections. all these FTP connections should match in the first rule fi

...

Captura1.JPG
Capturasegunda.JPG

Policy for AD authentication across zones

Trying to narrow it down and determine the minimum set of applications/services that need to be allowed for a user to login into a Windows 7 client in one zone and authenticate against a Server 2008R2 AD Domain Controller in a different zone? The Win

...

Port 4443

It has been noted that our global protect portal is reachable from the internet using port 4443 and is presenting a self signed cert which is seen as a security vulnerability. Can you let me know if port 4443 is necessary in terms of GlobalProtect co

...

  • 23986 Posts
  • 115 Subscriptions
Top Solution Authors
Top Liked Authors
Labels