General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! Uptick in RFC2397 Data URL Scheme Usage Detected (30419) ?

Before I go on a wild goose chase, has anyone seen an increase in threat 30419 (RFC2397 Data URL Scheme Usage Detected)?

 

It seems like these things trip for a while until PA figures out someone's using something novel in a new App. A new application

...

MCmgt by L2 Linker
  • 4623 Views
  • 7 replies
  • 0 Likes

QoS Implementation for Voice Traffic

We are looking to implement QoS on our Palo Alto device for our voice traffic. We are currently tagging voice traffic with DSCP 46(ef). This is done at the source using Windows group policy to tag all traffic that originates from application "lync....

VLAN taggin Wireless traffic

I have a Wireless Access Point with multiple SSID's configured connected to a PA-200 on the interface ethernet2 (vlan).

 

The PA config is setup as per https://live.paloaltonetworks.com/t5/Configuration-Articles/Setting-Up-the-PA-200-for-Home-and-Sma

...

Resolved! Device Group Hierarchy and Template Stacks in 7.x

Howdy all!  I am really curious about Device Group Hierarchy and Template Stacks in 7.x.  There could be incredible value in utilizing these features in my environment.  The biggest question I have is:  Does Panorama AND the target firewall BOTH have

...

control over ssh traffic - command or data

Hi All,

          After implementing SSH decryption, can  PA have the visibility to idenfity whether commands or any other data is being shared over ssh

 

 

 

with regards,

Ram

Gururaj by L4 Transporter
  • 2888 Views
  • 3 replies
  • 0 Likes

Resolved! Predefined reports with several Virtual Systems

Hi all,

 

We have a Firewall divided in two vsys and we are having problems with the configuration of some reports. When you try to generate a new "PDF Summary" and you have selected the virtual system "Shared" there are available some predefined rep

...

Carracido by L3 Networker
  • 2855 Views
  • 1 replies
  • 0 Likes

Custom Dynamic Block List

Does anyone know how long a custom dynamic block list take to refresh? Is it suppose to refresh\pull every 15 minutes? And if you do a commit does that make the change immediate?

Here is my scenario, we are using a custom dynamic block list to add xp

...

lewis by L4 Transporter
  • 3892 Views
  • 6 replies
  • 0 Likes

Resolved! script to rename address objects

Hi All,

 

i have  a requirement to rename alot of my address objects on firewall,is there a command with which it can be done  so it can be made into a script?

 

thanks for any help.

Harshit by L3 Networker
  • 8415 Views
  • 3 replies
  • 0 Likes

Recent BDS report from NSS

 

Hi Guys,

 

Have any of you read the most recent NSS report for PA DBS below. Please let me know if any of you seen this.

 

https://library.nsslabs.com/reports/technology-brief-palo-alto-networks-bds

 

Thanks

S

Donsen by L0 Member
  • 3104 Views
  • 1 replies
  • 0 Likes

Resolved! Unblocking ninite.com

I created a URL filter to block shareware sites; however I need to unblock one that I use. ninite.com. I have had no success getting this site to work. Adding the url ninite.com to the allow list, I am given an SSL error (enable TLS 1.0, 1.1, 1.2) wh

...

jharlow by L3 Networker
  • 6001 Views
  • 7 replies
  • 0 Likes

Radius Authentication - Passive Firewall

Hi,

 

I am trying to authenticate the passive firewall via Radius for management purposes.

 

In the active firewall I have the same radius server configured with two different secret keys (one for active and one for passive).   On my radius server I

...

indysogi by L2 Linker
  • 2920 Views
  • 4 replies
  • 0 Likes

PCI compliance and port 443

We are employing GlobalProtect VPN on our PA, which also happens to be our intranet gateway (NAT) to the Internet. Technically speaking, the setup works very well. Because port 443 is typically open on most firewalls, we can connect to the VPN virtua

...

  • 24020 Posts
  • 102 Subscriptions
Labels