General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! What is HTTP OPTIONS Method

Hi,

In our ACC I can see that the status bar is 3.7, thanks to the vulnerability HTTP OPTIONS Method. The problem is that I have no idea what this is and how I can fix this.
How can I fix this problem?

ZEBIT by L3 Networker
  • 4666 Views
  • 3 replies
  • 1 Likes

Traffic from one zone to another

Hello.

We have two virtual wires called 'eduroam' and 'live'. There are two zones linked to eduroam, namely 'eduroam_tr' and 'eduroam_untr'. There are also two zones linked to 'live', called 'live_tr' and 'live_untr'. We would like to allow communica

...

shilpaal by Not applicable
  • 942 Views
  • 3 replies
  • 0 Likes

There are drop counters when performance test

Hello,

I am doing performance test with Breaking Point about throughput , CPS.

While testing, I have found drop counters as below.

session_dup_pkt_drop                     701        3 drop      session   resource  Duplicate packet: Applies only for mul

...

Resolved! GlobalProtect Auth Problem after making new VSYS

When ever we make a new vsys our global protect authentication fails with user not in allow list. Has anyone else seen this problem.  We are going from one one system to 2 vsys's.  ( I don't know the correct wording)

Moving/importing logs after HD failure

Hi.

Recently, owing to an unplanned abrupt shutdown of my active firewall, I ended up with a hard drive corruption which prevented it from booting up (thank $deity for HA pairs).

Quite apart from PA's *ridiculously* bad response time to replace the har

...

darren_g by L4 Transporter
  • 2099 Views
  • 10 replies
  • 1 Likes

Layer 2 vs. Layer 3 Deployment

Hi!

At the moment, I hover between a Layer 2 and Layer 3 Deployment of my PA.

My setup is:

                                                            |     |     |    |

Internet <-> IPSEC-router <-> DMZ <-> internal firewall

                            

...

Dynamic Roles vs. Role-based Panorama

Hi everyone

So I was just wondering if anyone else has noticed a discrepancy between role-based and dynamic roles on their Panorama. I notice that "botnet" and "session browser" are not drop downs for my role-based admin role. That is fine since https

...

jprice2 by Not applicable
  • 944 Views
  • 1 replies
  • 0 Likes

Cisco to PA Access List Migration

Hello,

I am in process of prepping a Palo Alto 5050 to replace a Cisco FWSM. I am doing most of the configuation on the PA by hand, but I was wondering if anyone knows how to best go about importing over 5000 Cisco access list lines into the Palo Alto

...

mwhitlow by L0 Member
  • 1585 Views
  • 7 replies
  • 0 Likes

A lot of traffic on port 443 (https) to ip 65.52.98.231

Hello,

I have a lot connections from my firewall to public IP addresses 65.52.98.231 port 443.

Our SIEM correlated events and generating the following offense:

    Event Name:    Excessive Firewall Accepts From Multiple Sources to a Single Destination

  

...

SOC_CSG by L4 Transporter
  • 2701 Views
  • 3 replies
  • 1 Likes

Resolved! DCHP GLOBALPROTCTECT

Hi there.

I wonder if it is possible to match an IP address with a MAC Address, this can be done in the normal DHCP in a public interface, but not if one GlobalProtect in DHCP can be made.

Axca by L0 Member
  • 1698 Views
  • 3 replies
  • 0 Likes

Resolved! SSL Offloading 'Forward Trust' grayed out

Hi,

I have created a certificate from my local CA and also have imported the CSR from PA to the local CA, created the

identity certificate, all is well, but it seems I am not able to "Check Box" the "Forward Trust Certificate" on the  PA.

This it seems

...

rz185016 by Not applicable
  • 4022 Views
  • 5 replies
  • 0 Likes

Resolved! Administrator Authentication with ldap

Trying to create role based user account for monitoring the firewall. I tried to use ldap authentication. However it seems there is some issue with using ldap

I am facing this error after trying to authentication with correct credentials and below are

...

Westcon2 by L3 Networker
  • 2856 Views
  • 15 replies
  • 0 Likes
Top Liked Authors