General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Port 4443

It has been noted that our global protect portal is reachable from the internet using port 4443 and is presenting a self signed cert which is seen as a security vulnerability. Can you let me know if port 4443 is necessary in terms of GlobalProtect connectivity? The below comes to mind, but does anyone have any suggestions? https://live.paloa...

Resolved! Changing Profiles assigned to security Rule

just in the process of switching to a vulnerability profile which is not shared to vsys specific vulneability profile. Is there an easy way to change a vulnerability profile in 250 security rules without having to manually visist every rule?

clewis1 by L3 Networker
  • 8067 Views
  • 3 replies
  • 0 Likes

Resolved! PAN-DB License not active

Hi guys, Applied two licenses to my devices in HA for a one months extension for PAN-DB URL filtering. I applied it to the passive first successfully (shows as active), but now the current active doesn't have an active URL license. I have followed the document below which is mainly to do with migrating databases, however we moved off of Brig...

What file type in the file blocking profile can be uploaded to wildfire?

Hi, I would like to don't upload email-link to wildfire cloud. Usually I choosed "any" for file types in file blocking profile. But I have to check each file types for except "email-link". What file type I should choose? Currentlly, there are 81 file types in pull-down menu.. apkaviavi-divxavi-xvidbatbmp-uploadcabcdrclasscmddlldocdocxdpxdsnd...

Mt_103 by L2 Linker
  • 4545 Views
  • 1 replies
  • 0 Likes

Palo Alto Training Partner

Hello Community, We're thinking of becoming a Palo Alto Training Partner. Can someone please let know the process in becoming a training and partner and any links. Regards

Manage users connected to wire from layer 3

Hello i need for you help. The client has device connected in virtual wire mode and wants to configure another interface on the device that will connect to your LAN where their servers are and can see users who connect to the virtual wire mode. The virtual network wire is connected only to mobile users ..Since the other network want to manag...

Resolved! ECMP and circuit load

I have not been able to find an answer to this in the searching I have done. Does ECMP take into account the current load on the paths before choosing a path? We are using 'balanced round robin' on our metro-e links between locations, we have two providers with identical bandwidth at each location. My question is this: lets say a backup session ...

ldavie by L2 Linker
  • 3592 Views
  • 2 replies
  • 0 Likes

Resolved! Unable to access a site, please try for me

I am unable to access this site in any way throuth my PA 3020 With Pan Os 7.1Obviously is possible through a direct connectionCan someone try and temm me if is the same ?https://www.spcconnect.com/

nicolap by L1 Bithead
  • 7377 Views
  • 10 replies
  • 0 Likes

PA-200 Not Showing "Source User" in Monitor logs. Any Ideas?

Software Version: 7.1.2 User ID Agent: 7.0.4-5 After upgrading the PA and the UIA, the monitor logs are not showing "Source Users". I've also looked in the Reports section and it's not showing up there either. I've also tried to re-configure the Group Mappings again, but no luck. Any ideas would be greatly appeciated.

Multiple GlobalProtect gateways on same firewall- ASA to Palo migration

Hello there, I am working on a migration- ASA to Palo. ASA has muliple remote access vpn's setup - all terminating on outside interface ip address. For example, a RA vpn for employees - authenticating against AD, another for contractors- user accounts created locally on ASA. The IP Pool is different in call instances. Now, I want to create a...

Sushilc by L0 Member
  • 4053 Views
  • 2 replies
  • 1 Likes

Resolved! Change severity of updates - email warnings

Hello, Does anyone know if itis possible to change the severity of some email alerts? Like I don't know why saying app&threats/wildfire is updating every 15 minutes is categorised as severity "high".. Kr,Arne

Arne-VDH by L3 Networker
  • 4936 Views
  • 3 replies
  • 2 Likes

Can't Block Youtube on PAN 7.1.0

Hi Team, I user PAN OS 7.1.0 and now i CAN'T block youtube although i try using both application and url to block. 1, Block by Application I created a rule to block YouTube-base I still view video on youtube normal In log traffic, i see Palo Alto Blocked Youtube-base application But i think, traffic from youtube go through SSL and...

rule_youtube.png
Screenshot_2.png
Screenshot_5.png
Screenshot_7.png
dat.tran by L2 Linker
  • 4112 Views
  • 2 replies
  • 0 Likes

Release notes

Is there a good way to review you firewall against the release notes of the upgrades that you are considering? I have been reading them and in order to avoid issues moving to 7.06 (TACS recommended most stable version) I should do an intermediate of 7.01 because of cert issues that would be caused by going directly to 7.06 from 6.1.11

jdprovine by L4 Transporter
  • 3415 Views
  • 3 replies
  • 0 Likes
  • 24403 Posts
  • 123 Subscriptions
Top Solution Authors
Labels