General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! Custom applications and application override

I'm looking to get a better understanding of how custom applications work in relation to application override policies vs security policies. I have created a simple custom application with just a tpc port for an internal application. There appears to be two unrelated routes I can then take with this new application.1. I can add it to the applica...

Priority in PAN-QoS

Hi, When you are configuring QoS, it's possible to define more than one profile, and in this profile put 'til 8 Class defined. When you apply over the egress interface, it's possible to add this Class based over an source Subnet. Here is my question, what "priority use" or what is the behaviour if over the same interface applies in ex: From Su...

nanukanu by L2 Linker
  • 4752 Views
  • 5 replies
  • 0 Likes

Resolved! PAN AD Useragent - Excluding users?

Hi.Is it possible to exclude a specific user from the PAN agent configuration?I know you can filter based on group - unfortunately, the user concerned, which is used for several automated processes, is also a member of AD groups which I can't exclude, so it gets reported every time it runs a background process - which is skewing reporting, as th...

dagibbs by L4 Transporter
  • 21380 Views
  • 29 replies
  • 0 Likes

Resolved! PAN-OS 7.1.4-H2 Data filtering and Url filtering logging stops at serveral hours+ SSL decrypt fails

We upgraded a VM100 from PAN-OS 7.0.8 to PAN-OS 7.1.4 H2.We had 0 issues running 7.0.8 but we needed the DHE en EHCDE cipher support Now we have the issue that the Data filtering and Url filtering logging stops at serveral hours.Also some https sites starting to become very slow ands ssl decryption starting to fail for some websites.The vm100(4c...

Resolved! Wildfire verdict malicious and action alert

Hi all, We have seen in Wildfire Submissions that all files identified as Malicious and Grayware the action is Alert. The Wildfire Profile is configures to forward to public cloud and Antivirus profile has reset-both in Wilfdire Action tab. Is this a normal work? This is the Wildfire Submission Thanks a lot,Jordi

image.png
COMIP by L2 Linker
  • 5509 Views
  • 3 replies
  • 0 Likes

Resolved! PAN-SA-2016-0025 Kernel Vulnerabilities

SummaryThe kernel in use by the Management Plane of PAN-OS is vulnerable to CVE-2015-5364 and CVE-2015-5366. (Ref # PAN 52379/87408) Severity: HighThe CVSS Score of CVE-2015-5364 is 7.8, High; while the CVSS Score of CVE-2015-5366 is 5.0, Medium. Those could lead to a Denial of Service attack. What is the attack vector? Clients traffic pass thr...

Resolved! PAN-DB to BrightCloud

Greetings All, I know that we tend to recommend PAN-DB over BrightCloud, but in this instance I have a client who prefers to use BrightCloud. Can someone please confirm how to migrate over correctly. This use to be available in the following link, but now I do not have access to it for some reason: https://live.paloaltonetworks.com/docs/DOC-5554

Resolved! No inbound packets observed

Hello, Trying to troubleshoot an issue of aged-out traffic flow. It was SSH traffic originated from customer's LAN and destined to Internet address. Packet capture was configured on the firewall for troubleshooting but only outbound (but no inbound) packets were observed inside the PCAP files. Tried via WebGUI and CLI. Could it be that the incom...

Farzana by L4 Transporter
  • 4873 Views
  • 2 replies
  • 0 Likes

ACC traffic does not sum up correctly for different time ranges

Hi, Issue: Lets say we filter out web-browsing in ACC to check the traffic amount used by that specific app. We check three different ranges: Week1 - 300 MB & 8k sessions Week2 - 700 MB & 18k sessions Week3 - 1 GB & 23k sessions ... and now we select Week1+Week2+Week3 custom range, basically it contains everything within these we...

nikoo by L3 Networker
  • 5189 Views
  • 8 replies
  • 0 Likes

Resolved! Disk usage steadily increases and high CPU usage

Hi, I integrated a few custom feeds into MineMeld that have a high number of indicators. The dashboard shows 202.4K, across 21 miners. I noticed two things that I'm hoping I can work around: Disk usage is steadily increasing in the /opt/minemeld/local/data directory. Some of the feed directories are over 2GB and increasing. When I left the offi...

Resolved! GlobalProtect 3.1.1 compatibility with PAN-OS 7.0.7

Hi, I would like to know the recommended version of GlobalProtect if we have PAN-OS 7.0.7 running in our environment. We want to install GlobalProtect 3.1.1 but we are no sure about the compatibilty with 7.0.7. Could you please advise? Regards,Sharief

Standby Palo Alto Restarted automatically

Dear Experts, One of our PA firewall (2050) model that was in standby mode , restarted automatically. After checking the system logs , i found the message ( in sequence) as shown below. 1. 'md_mgr-apps: restarts exhausted, rebooting system'2. 'The system is shutting down'3. 'HA Group 1: Moved from state Passive to state Suspended' Could you plea...

shijimon by L0 Member
  • 4137 Views
  • 3 replies
  • 0 Likes

PA-500 Manual Content Update - 3.1

I have a PA-500 that has no internet access currently. A factory reset was done on it bringing it down to 3.1.4. I need to manually install the content updates in order to upgrade the device. The dynamic updates on the support site are for version 4.0 or newer. Where can I find the legacy content packages so I can upgrade fro, 3.1.4 to newer ve...

how to edit subinterfaces in XML config

Hello I need to modify my config. Now its looks like:I need to "move" ethernet 1/4.111 as a subinterface ethernet1/7, and all polices and other related objects. SO I opened in editpad lite my config and I try to move part od config related to this subinterface:</entry><entry name="ethernet1/4.111"><ipv6><neighbor-discovery&...

2016-09-20_210651.png
2016-09-20_211159.png
_slv_ by L4 Transporter
  • 7153 Views
  • 5 replies
  • 0 Likes
  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels