General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! New to Palo Alto device

I am a new technology coordinator in a school that has a Palo Alto device. I am new to these devices. The support contract (right term?) was up in 2014, and I would like to figure out how to get firmware (Pan-OS?) updates on the device. It is a PA-200. Can anyone point me in the right direction? I have searched Google and found lots of dead ends...

LSVPN Troubleshooting

I have all the guides for configuring LSVPN at the gateway, portal and satelite. I have done that and now verifying the LSVPN connection. This is the first LSVPN satelite to try and connect. Is there a good troubleshooting guide with steps for determing why the satelite is not connecting. As all are aware the issue could be either the gateway, p...

Check Dynamic Update Version On All Palo's From Panorama

Panorama has been great so far, but can I not check all my devices Dynamic Update Version from within Panorama? For instance there was the 613 update yesterday and some of our devices did not get the scheduled update due to the timezone they were in. So I have to log in to each Palo and check the Threat and Content version individually. We only...

Resolved! Recycling old Palo gear

Does anyone know of a recycling program for Palo Alto networks, we have an old 5050 in the office we want to get rid of (no support or licenses) and would rather not throw it in the trash

nrobison by L1 Bithead
  • 4496 Views
  • 1 replies
  • 0 Likes

OS 7.1 blocking telnet over SSL

We have in-house software that uses secure-telnet port 992 and that has been blocked after the 7.1.4-h2 upgrade. I've created a rule to pass the traffic to the destenation address with any application any service but never help, the logs said reset both by internzone rule, only changing interzone rule to allow will let the application communicat...

Top 5 user behavior report

In the predefined report it has a section called Top 5 user behavior report. What exactly is this telling me about the user/pcs/devices that are listed?

jdprovine by L4 Transporter
  • 2526 Views
  • 3 replies
  • 0 Likes

globalprotec vpn for phones

Is anyone using the globalprotect vpn client for their phones and mobile devices? How do you like it? Can it use the same portal and gateway and the pc's? Was was the cost and how much was it

jdprovine by L4 Transporter
  • 3078 Views
  • 4 replies
  • 0 Likes

Lync Client and GlobalProtect Split tunneling issue

Hi, Mircosoft recommands to enable splitunnling for lync. https://blogs.technet.microsoft.com/nexthop/2011/11/14/enabling-lync-media-to-bypass-a-vpn-tunnel/ To still continue to have the internet over the VPN, how can Globalprotect client only allow specific public ip address to bypass the tunnel? Thank you Kind regards, Pierrick

Resolved! Problems with Skype rule letting traffic through

Hi,I am trying to configure a rule on the PA2050 to allow SKYPE out of the network, and I am seeing a bit of a security hole in the app rule.I have set it up using the document:https://live.paloaltonetworks.com/docs/DOC-1505/controllingskype.pdfI have:From Zone: Trustto Zone: UntrustAddress: <My Workstation>Application: SKYPE, SKYP...

jenkinsp by Not applicable
  • 5491 Views
  • 4 replies
  • 0 Likes

Resolved! False Positive? Network Time Protocol Daemon crypto-NAK Authentication Bypass Vulnerability

Name: Network Time Protocol Daemon crypto-NAK Authentication Bypass VulnerabilityUnique Threat ID: 39734criticalCVE-2015-7871 FIRST RELEASE612 (2016-09-14 UTC)LAST UPDATE612 (2016-09-14 UTC) Anyone else seeing lots of "Threat Alerts" for this signature? Just started seeing these Threat Alerts come in from multiple PA-500's for our orginization ...

Resolved! Dual Factor Authenticatin for Global Protect - possible?

Folks. Does anyone know if it's possible to integrate dual-factor authentication (SecureID or similar) into Global protect authentication? Our business is requiring more and more rigid access control for VPN access (among other things), and I need to look into getting some form of 2FA integrated into our VPN sign on in the short to medium term. ...

darren_g by L4 Transporter
  • 5509 Views
  • 5 replies
  • 0 Likes

Application Usage Report

Which report, and what configuration should I use to get every user/source IP of a user using a specific application? I currently tried "Device Traffic Summary" sorting by "bytes" top 5 grouping by user, but I can only have top 50. So only the "Top 50 users consuming the most bandwidth." If I try ACC and target the application I can get top 50...

  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels