General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

How to prefer 1 ISP for one application

I got why huge traffic is coming to port 3978.Application is identified as Panorama.Its hge Gbs of traffic in one session.The source IP is firewall management Ip and destination is Panorama IP.But why i need to kill this session means, we have a setup of 2 ISPs. We prefere this traffic should go through 1 ISP only one ISP.Tht we accomplish throu...

UserID What's the best practice for configuration crossing multiple firewalls

Hello,We are starting to deploy UserID based policies across our enterprise.I'd like to know what is the best practice when dealing with rule policies that cross multiple zones/firewalls that are in different locations?Does the user portion of the rule only need to be as close to the client then go to network rules in between the firewalls and r...

Adding IOCs to URL Filtering

Hi PAN Live Community, If I add additional IOCs (URLs/Domains/IPs) to our current active URL Filtering Profile, how do I make those new IOCs take affect? Besides committing the changes to the added IOCs, do I need to re-apply the this profile to the Security Policy (in the Policies tab?) The reason I'm asking is because (if memory serves me righ...

eliang by L1 Bithead
  • 3131 Views
  • 3 replies
  • 0 Likes

Resolved! Error in threat signature, how do I report?

Hi All, I recently came across an odd log for a customer of mine and after much analysis and research I have found that it is actually a false positive on Palo Alto's side regarding the signature of a threat. How do I go about report this? I am unable to open cases my account isn't associated with a company. Thanks in advanced for any help!

Resolved! Why does the ip-user-mapping distinguish DP and MP?

Hello suddenly, I am wondering that ip-user-mapping have two table[DP, MP] After connecting to AD Server to get Security logs, Why PAFW get that table seperatly,? I think there are reason, and I don't know well about relating to DP, MP If DP was restart about someting problem, Would PA be able to get user information through MP? Do I think...

John_Lee by L2 Linker
  • 5849 Views
  • 4 replies
  • 0 Likes

2016 - Live Community survey. Let us know what you think and get a chance to win a VM-100!

Hello Live Community users, You might have seen it in your inbox...our 2016 Live Community survey is out! We're conducting this survey to improve our community and your input would be greatly appreciated. If you have not replied yet, click here to start the survey. It should only take 5 minutes and you could win a Palo Alto Networks VM-1...

carnould by L4 Transporter
  • 2707 Views
  • 1 replies
  • 1 Likes

Resolved! In which vsys to place aggregate interfaces?

Hello, I have multi-vsys system with multiple aggregate interfaces (L3). I am going to configure multiple VLANs on each aggregate interface and place them in different vsys. My question is where to place the aggregate interface itself. I was planning to leave it in admin vsys1, but is this supported design? Thank you.

HAL9000 by L1 Bithead
  • 3901 Views
  • 3 replies
  • 0 Likes

PA and AD Integration

My PA is experiencing a lag between when user accounts are modified in the AD group used for VPN authentication and when the PA begins enforcing the new account settings. Is this fixable? What is the maximum lag that I should be seeing? Is it possible for an account to be disabled in AD and there be a lag between when the user can no longer l...

RustyPA by L1 Bithead
  • 2140 Views
  • 1 replies
  • 0 Likes

Resolved! 3050 - Maximum Number of Routes & ProxyID

Hello All: We have (2) 3050s in an Active/Passive & we do a ton of VPNs. As such, we have a lot of static routes & ProxyIDs. Can someone tell me the maximum # of each that the 3050 supports? We're running 6.1.4 now - gonna get to 7-something when we can get the maintenance window. I asked PAS & they told me 5,000. I see that # for VP...

Resolved! How to request new URL Category

The UK Government has informed Local Authorities that they should implement measures to prevent radicalization and extremism, which includes filtering Internet access available in LA provided public facilities, such as Libraries, and Schools. As the support provider of the firewall services in one such authority, we have been asked to implement ...

Nig by L1 Bithead
  • 4210 Views
  • 4 replies
  • 0 Likes

Resolved! Outbound SSL Decryption Capabilities

I know outbound SSL decryption can work when a client inside the network is accessing a secure website on the internet. But can SSL decryption work when a client on the internal network attempts to make a vpn connection to a vpn server using an SSL VPN connection elsewhere on the public internet? Can SSL decryption intercept that connection an...

RustyPA by L1 Bithead
  • 3466 Views
  • 2 replies
  • 0 Likes

Authenticated threat feed - Miner node

Hi all, A customer of mine subscribes to a threat feed where they need to authenticate (using web form) to recieve the inputs. Maybe I have missed this, but I couldn't see any predified miners to achieve this? Thanks, Tim

tkirk by L1 Bithead
  • 5070 Views
  • 1 replies
  • 0 Likes
  • 24403 Posts
  • 123 Subscriptions
Top Solution Authors
Labels