Enhanced Security Measures in Place:   To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.

General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 160 Views
  • 0 replies
  • 0 Likes

User-ID domain-map

Hi guys.

 

I have a problem with a user-id setup in a large multi domain envoirment. User-ID agentd are working fine, but the user did not match against the group mapping. It looks like we have a problem with the domain map. The command debug user-id

...

Routing Multicast PIM SSM

Hi guys,

 

I have Palo Alto cluster A/P with PIM SSM, I would like to know how is manage the multicast routing if i lost the active member ?

 

Regards

Zacre by L0 Member
  • 2092 Views
  • 1 replies
  • 0 Likes

Resolved! How to find out the right app-id

Hi all,

 

I started studying PA firewall recently and am struggling with finding out the APP-ID for some traffic. I can easily find out the services(or ports for CISCO ASA) and create the rules based on services/ports, but by doing this we will lose

...

Firewall rule optimization

Anyone know of any good firewall optimization software for PA. One that can review the rules and make good suggestion to improve the rule order, removal etc?

jdprovine by L4 Transporter
  • 3165 Views
  • 6 replies
  • 0 Likes

PA Bypass Question - McAfee Evader

Does anyone have any information on the latest posted PA bypass?  The youtube video shows some of the FW features  being bypassed using McAfee Evader.  It appears to require an IP of the firewall to execute - the example also shows most of the evasio

...

DMast by L2 Linker
  • 1954 Views
  • 1 replies
  • 0 Likes

Custome report

Hi

How to generate trafficreport for webmail usage like gmail
youtube -education?

Thanks 

sib2017 by L4 Transporter
  • 1512 Views
  • 1 replies
  • 0 Likes

Resolved! Upgrade question Current version 6.0.10

Hi

 

Am currently a PA n00b, looking at upgrading an active/active stand-alone pair of 3020s currently running 6.0.10, looking to upgrade to 7.0.

 

Question: do we upgrade to 6.1 and then 7.0 or is there a better 6.1.x version to make leap from 6.0.1

...

Resolved! VPN Proxy ID nightmare

Hi All,

I can't seem to resolve proxy-id mismatch on a Route-based VPN i have configured between the PAN Firewall and a Cisco 3G router.

On the PAN side, I have configured 10.5.0.0/16 as my local proxy-id and 0.0.0.0 as proxy-id of remote side. I sti

...

Bocsa by L3 Networker
  • 4954 Views
  • 7 replies
  • 0 Likes

WildFire & Office Documents/PDFs - Limitations?

We currently use Wildfire on "PE Executable" filetypes on our PA-500.

 

I'm interested in using it against Office documents and PDFs as those are clearly a major threat vector.

 

Thing is, whatever model of Palo Alto I look at, they all seem to show

...

Block unwanted traffic on port 1720

Hi,

 

I have a voice/visioconference system available on the internet (via NAT-ed IP) using H323. So of course the port 1720 is open and reachable from outside, without restriction on IP addresses because users must be able to reach the system from t

...

NVogel by L0 Member
  • 3026 Views
  • 2 replies
  • 0 Likes

Authentication Profiles on Global Protect

 

Is it possible to have two sets of authentication profile on Global Protect ? One ste of users authenticating through AD and another set through digital certificates only . 

usvi by L3 Networker
  • 1805 Views
  • 1 replies
  • 0 Likes

Resolved! Email alerts for threats.

Do I need Panorama to set up email notifications on high and critical severity threats? I know you can set up sheculed reports, but what if I just want to receive an email when a threat is blocked or detected, or what have you.

Netwerx by L2 Linker
  • 5231 Views
  • 3 replies
  • 1 Likes
  • 23597 Posts
  • 107 Subscriptions
Top Liked Authors
Labels