General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Enhancement Request: URL aggregator optimization

Today, the stdlib.aggregatorURL aggregator processes a list of URLs, removes duplicates, and manages withdrawals/whitelists. However, no optimization is performed on the output of this aggregator. I would like to recommend the following enhancements: 1. Removal of superfluous URLs URLs that are made redundant by shorter, wildcard URLs should...

rhagen by L3 Networker
  • 6285 Views
  • 3 replies
  • 0 Likes

understanding palo alto classifying traffic

Hi, This is just to understand how palo alto understand classify the traffic and take action . as I pasted below from multiple sources sending packets to an inside host . Palo alto log shows around 10 times (in a second ) from the same souce traffic hitting to the inside host . Question? In the above scenario , traffic is normal ...

sib2017 by L4 Transporter
  • 6525 Views
  • 10 replies
  • 0 Likes

issue with malwaredomainlist.ip

Dear, I added the "malwaredomainlist.ip" as miner.This is working (shows that it has mined about 1500 IPs), but when I add the miner input to a ipv4 or domain aggregator I do not get any output...

2016-04-18 16_09_21-minemeld.png
mr.linus by L4 Transporter
  • 4339 Views
  • 2 replies
  • 0 Likes

Content 579 Customer Advisory

As a follow up to the release of Application and Threat Content version 579, Palo Alto Networks recommends that customers remove the following applications from their security policies prior to upgrading to content version 579. This is suggested to avoid running into any configuration or traffic related problems with content version 579. These...

NFS Logging \ Non-HA

Hopefully a stupid question - doea Panorama need to be in a HA pair for NFS logging to work? We are looking to setup and I am getting a 'Panorama must be set as primary' error - even though we do not use HA for Panorama and therefore this seems a moot point (and not something I can change). Thanks

apackard by L4 Transporter
  • 2273 Views
  • 2 replies
  • 0 Likes

anyone notice this PAN-OS 7.1.2

Anyone notice this "PAN-OS 7.1.2" Determine the upgrade path.You cannot skip installation of any major releases in the path to your target PAN-OS version. Therefore, if you intend to upgrade to a version that is more than one major release away, you must still download, install, and reboot the firewall for each intermediate major release along...

Inventory

Hi There: Is there a way to export total devices managed in a spreadsheet through Web GUI? (Panorama) I've tried the csv route through asset on my online account but it exports everything included with the device. I'm just looking for a simple "this is how much PA devices we currently have."

PaloAlto and Cisco Scansafe Proxy

I have a PaloAlto PA-200 with very simple configuration. I configure the PA-200 Management interface to get update the Antivirus, Threats, WildFire and URL Filtering. The proxy server is Cisco scansafe. I can update software, dynamic updates, license everything through the proxy server from the PAN-200 with the Exception of of the PAN-DB for ...

dtran by L4 Transporter
  • 2764 Views
  • 2 replies
  • 0 Likes

Resolved! Apps and Threats 578-3263 *URGENT* *SOLVED*

We have had a few issues with customers and their network when upgrading to the latest Apps and Threats update. Can anyone comment on this at all? A few examples of issues are that decryption is not working, and communication to the LDAP server was lost. Sessions are closed with the error message "resources unavailable". Regards Jack

What's new in MineMeld 0.9.7

Release Date: 2016-03-24 How to update: Updating MineMeld Nodes - Miner for ProofPoint ET Pro feeds - Miner for PAN-OS syslog messages, let you extract indicators from PAN-OS logs according to a set of rules UI - now you can add a new static indicator directly from the NODES page or using the log-links feature of PAN-OS

Screen Shot 2016-03-29 at 10.55.39.png
Screen Shot 2016-03-29 at 10.54.55.png
lmori by L7 Applicator
  • 8309 Views
  • 7 replies
  • 0 Likes

Monitor hits against captive portal?

When using user ID and captive portal, when an Auth attempt fails because of the captive portal, how can you get notified? We have spent hours troubleshooting broken apps because the captive portal was preventing access but we have no indication of the reason.

btrotter by L1 Bithead
  • 4587 Views
  • 5 replies
  • 0 Likes

ISE syslog for UserID

I am trying to parse ISE RADIUS logs to help map wireless users to IP addresses. I have the Palo configured as follows but I am not getting any info from ISE. I am not that familiar with ISE and did not set up that end but have been told that ISE is sending the RADIUS Accounting logs to the management interface of the firewall. I I have User...

ISE settings.PNG

Resolved! Captive Portal with Vwire.

Why does below document advise we need a L3 interface for captive portal? We are running solely vwire and I still get on form when testing. I do have repsonse pages setup as well https://live.paloaltonetworks.com/t5/Configuration-Articles/Configuring-Captive-Portal-in-V-Wire-with-RADIUS-Authentication/ta-p/58143

Resolved! Two factor issues after upgrading to GlobalProtect 3.x

Hi, After doing an upgrade from GlobalProtect 2.3.4 to 3.0.1 we're having issues with users not being able to do two factor authentication in combination with SSO. The software we're running is SecurEnvoy, which has been working fine up to the client update. Firewalls are running PAN-OS 7.0.5-h2. SecurEnvoy responds as it should, and sends...

arvesynd by L3 Networker
  • 4685 Views
  • 2 replies
  • 0 Likes
  • 24396 Posts
  • 123 Subscriptions
Top Solution Authors
Labels