General Topics

Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 199 Views
  • 0 replies
  • 0 Likes

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 881 Views
  • 0 replies
  • 0 Likes

User-ID Agent Upgrade

Hi,

 

We are planning to upgrade the User-ID Agent from version 6.0.6-4 to 7.0.3-13.

 

Three PAN-OS are running with version 7.1.1, 7.0.5-h2 and 7.0.2 use the same agent server.

 

Is version 7.0.3-13 will work with PAN-OS version above?

qafcopa by L1 Bithead
  • 3516 Views
  • 3 replies
  • 0 Likes

Resolved! Group Mapping for Domains with Non-contiguous namespace

Hi I'm attempting to implement userID on PAN-OS 7.0.6 within a multi-domain forest.

 

All of our workstations exist on one domain and users logging into those workstations exist on another domain within the same forest. I have the UserID agent setup

...

Resolved! DMZ Web Server Access Setup

Hello Community,

 

I have set up a lab environment shown in the below below that is meant to allow access from 192.168.1.X to the sever 10.2.2.1 using static NAT ip address 192.168.1.251

 

I have configured everything as demonstrated in the CBT Nugg

...

IMAGE.png
NAT POLICY.png
Security Policy.png

Blocking brute force SSH to firewall

For various business reasons I need to allow SSH directly to a PA-3020 to manage the unit.  Is there a way to apply a vulenerability policy to this traffic so that I can block bruteforce attacks?

 

Thanks

Dustin

dscott98 by L0 Member
  • 4907 Views
  • 3 replies
  • 0 Likes

Resolved! How Passive FTP is filtered in Palo Alto

Hi Guys, 

 

I know application FTP covers both Passive and Active FTP. However, my question is how it filters the traffic. I mean how a server Intiating a connection to the client will be filtered and allowed. Can anyone help. 

yadsingh by L2 Linker
  • 11612 Views
  • 3 replies
  • 0 Likes

Can I Obtain the CVE in the PA event Log

We have numerous PA firewalls that alert for vulnerabilities. I also have a product that scans for vulnerabilities in my network. The scanning device has CVE numbers in its events. The PA has PA's unique identifier in its event. Is there a way for me

...

Error after Upgrading to 6.1.10

I upgraded our Panorama and two PA3020's in a HA setup this morning. Afterwords I am getting the following errors committing from Panorama to our PA3020's.

 

  • Details:
  • . Configuration committed successfully
  • Warnings:
  • . vsys1 (vsys1)
  • . Warning: NAT DIP
...

stjones by L0 Member
  • 3600 Views
  • 1 replies
  • 0 Likes

Syslog parser

Hi all, do you know if it is possible to use the syslog parser to obtain device information (for instance Operating system) and use this info in security rules?. I am using the syslog parser to obtain the IP-User mapping and it works perfectly, now I

...

ssancho by L2 Linker
  • 2230 Views
  • 2 replies
  • 0 Likes

Resolved! Panorama HA Status

Hello everyone,

 

When I have 2 firewalls in an HA state after a few minutes my primary device gets a Non-functional (Drive error detected). I normally fix this by suspending the local device on my passive firewall. Is there a way to keep both device

...

Resolved! forming firewall HA in a panorama managed environment

we have a panorama managed firewall and we push objects from panorama to it . we are considering to make a HA firewall setup . as per articles from PaloAlto , Panorama objects are not being synchronized.

Question 1 : Should we add secondary firewall t

...

User-ID Agentless question

Is there a reason why with Agentless User-ID I still never see any logs in Monitor? As shown below it definitaely is working but traffice logs do not sohw user-ids. I have a any any policy and user-id  box is checked on  the zones. ANy ideas? I ahve

...

Error upgrading PA200

hi,

 

We have a PA200 in version 6.1.0 and we install the versions 6.1.11 but we receive this error:

 

"Failed to install 61.11 with following errors. SW version is 6.1.11 Error: At least one local superuser should be defined in Administrator. Failed

...

  • 24014 Posts
  • 115 Subscriptions
Top Solution Authors
Top Liked Authors
Labels