General Topics

Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 198 Views
  • 0 replies
  • 0 Likes

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 880 Views
  • 0 replies
  • 0 Likes

Resolved! Pull Info on Specific GlobalProtect User

Is there a way to pull information on a specific user connected on globalprotect throught the CLI?

 

I know the command:

show global-protect-gateway current-user

pulls all the users in... but what about just for a single user?

 

Thanks.

mmclimans by L3 Networker
  • 2426 Views
  • 1 replies
  • 0 Likes

Resolved! Uptick in RFC2397 Data URL Scheme Usage Detected (30419) ?

Before I go on a wild goose chase, has anyone seen an increase in threat 30419 (RFC2397 Data URL Scheme Usage Detected)?

 

It seems like these things trip for a while until PA figures out someone's using something novel in a new App. A new application

...

MCmgt by L2 Linker
  • 5267 Views
  • 7 replies
  • 0 Likes

QoS Implementation for Voice Traffic

We are looking to implement QoS on our Palo Alto device for our voice traffic. We are currently tagging voice traffic with DSCP 46(ef). This is done at the source using Windows group policy to tag all traffic that originates from application "lync....

VLAN taggin Wireless traffic

I have a Wireless Access Point with multiple SSID's configured connected to a PA-200 on the interface ethernet2 (vlan).

 

The PA config is setup as per https://live.paloaltonetworks.com/t5/Configuration-Articles/Setting-Up-the-PA-200-for-Home-and-Sma

...

Resolved! Device Group Hierarchy and Template Stacks in 7.x

Howdy all!  I am really curious about Device Group Hierarchy and Template Stacks in 7.x.  There could be incredible value in utilizing these features in my environment.  The biggest question I have is:  Does Panorama AND the target firewall BOTH have

...

control over ssh traffic - command or data

Hi All,

          After implementing SSH decryption, can  PA have the visibility to idenfity whether commands or any other data is being shared over ssh

 

 

 

with regards,

Ram

Gururaj by L4 Transporter
  • 3286 Views
  • 3 replies
  • 0 Likes

Resolved! Predefined reports with several Virtual Systems

Hi all,

 

We have a Firewall divided in two vsys and we are having problems with the configuration of some reports. When you try to generate a new "PDF Summary" and you have selected the virtual system "Shared" there are available some predefined rep

...

Carracido by L3 Networker
  • 3171 Views
  • 1 replies
  • 0 Likes

Custom Dynamic Block List

Does anyone know how long a custom dynamic block list take to refresh? Is it suppose to refresh\pull every 15 minutes? And if you do a commit does that make the change immediate?

Here is my scenario, we are using a custom dynamic block list to add xp

...

lewis by L4 Transporter
  • 4614 Views
  • 6 replies
  • 0 Likes

Resolved! script to rename address objects

Hi All,

 

i have  a requirement to rename alot of my address objects on firewall,is there a command with which it can be done  so it can be made into a script?

 

thanks for any help.

Harshit by L3 Networker
  • 10022 Views
  • 3 replies
  • 0 Likes

Recent BDS report from NSS

 

Hi Guys,

 

Have any of you read the most recent NSS report for PA DBS below. Please let me know if any of you seen this.

 

https://library.nsslabs.com/reports/technology-brief-palo-alto-networks-bds

 

Thanks

S

Donsen by L0 Member
  • 3528 Views
  • 1 replies
  • 0 Likes

Resolved! Unblocking ninite.com

I created a URL filter to block shareware sites; however I need to unblock one that I use. ninite.com. I have had no success getting this site to work. Adding the url ninite.com to the allow list, I am given an SSL error (enable TLS 1.0, 1.1, 1.2) wh

...

jharlow by L3 Networker
  • 6958 Views
  • 7 replies
  • 0 Likes

Radius Authentication - Passive Firewall

Hi,

 

I am trying to authenticate the passive firewall via Radius for management purposes.

 

In the active firewall I have the same radius server configured with two different secret keys (one for active and one for passive).   On my radius server I

...

indysogi by L2 Linker
  • 3508 Views
  • 4 replies
  • 0 Likes

PCI compliance and port 443

We are employing GlobalProtect VPN on our PA, which also happens to be our intranet gateway (NAT) to the Internet. Technically speaking, the setup works very well. Because port 443 is typically open on most firewalls, we can connect to the VPN virtua

...

  • 24013 Posts
  • 115 Subscriptions
Top Solution Authors
Top Liked Authors
Labels