General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

How to prioritise users over Remote VPN (Global Protect)

I am wondering if you can advise me on a possible or best way to achieve the following. Current Situation============== We have remote VPN enabled on our Palo Alto firewall and we are using Global protect for that. Currently everything seems to be working fine. A user comes online and given a IP and then the user is routed to our Data Center wh...

nvirmani by L1 Bithead
  • 3258 Views
  • 3 replies
  • 0 Likes

Resolved! Whitelisting o365

I want to make sure I understand the workflow on this correctly. To whitelist o365 I would perform the following: 1) Clone the o365 miners I want, prefixing them with wl 2) Edit the input for wlwhitelist and add the wlo365 miners I created. Is there anything I'm missing here?

chirss by L3 Networker
  • 6943 Views
  • 5 replies
  • 0 Likes

Resolved! Cannot find AD group in "source user" tab

Hi All, I have added two new AD group, on DC.I can clearly see them in group mapping setting: While in "source user" tab: What can cause this behavior? When the AD group will be available in "source user" find? Suggestions? BRLuca

Group_Mapping_OK.JPG
Deny_internet_not_found.JPG

Vwire design considerations and issues

We recently purchased a pair of PA-5050s, and had a VAR implement the design recommended by our Palo SE. This design has lead to many challenges and issues, and I'm now questioning wether we made the right design choice. Prior to purchasing the Palo, we've been using a Cisco ASA, impletmented in the traditional manner, placed on the perimeter wi...

dbrody by L1 Bithead
  • 5646 Views
  • 5 replies
  • 0 Likes

Application incomplete Site to Site VPN

Greetings, I wish to run an issue that one my sites is experiencing with a site to site VPN. The issue that is experienced is that some applications mainly mail application will show up in the logs as incomplete. I will aim to give you the full picture of this so you can understand the setup and hopefully advise of a solution. (Working Site)SITA...

Resolved! Custom url feeds

Is there any sort of documentation surrounding things like adding a custom url in? I'm thinking I'll have to dig into the file system but was wondering if there is anything documented as to what to do. Say I have an ip list at http://somefancywebsite.com/directory/badiplist.txt I wanted to throw into the mix here. Is there an easy way to do th...

chirss by L3 Networker
  • 5826 Views
  • 3 replies
  • 0 Likes

Misidentification on App-ID

Has anyone experience the App-ID misidentify existing Apps? Here is the problem we are having. I have rules allow SMTP (Application-Default) from the Mail Firewall to Exchange. Since yesterday (9/21), the firewall is identifing all the SMTP traffic as Unknown-TCP (25) and drop the traffic. We are running 614-3540 as the Application and Threats, ...

Remote access to PA box when internet connection is broken (PANOS update failed) - how to?

Hello Since month I have remote branch and PA200 there. Today I decided to upgrade from 7.0.9 to 7.0.10. According to change log 7.0.9 should fix upgrade problem, but something went wrong and I havent acccess to my device.Today I will solve my problem using car and long trip but for the future I'm looking for cheap and resonalble solution. Juni...

_slv_ by L4 Transporter
  • 3607 Views
  • 5 replies
  • 0 Likes

PAN-OS 7.0.9 any issues on PA-5050?

Hi Guys, Looking to upgrade HA pair active/passive from 6.1.12 to the 7.0.9. Anything that l should be aware of. I am checking known issues and release notes. Same for the security advisory. But maybe something from your experience (issues that currently reported but will be fixed in the next release) Thx,Myky

VPN / Proxy Traffic

We can see traffic associated with VPN and Proxy but this information is not included in reporting. (ex. Hotspot Shield)

  • 24404 Posts
  • 123 Subscriptions
Top Solution Authors
Labels