General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Panorama M-100 GUI timeout

I have a problem with a Panorama M-100 running 5.1.4, where sessions in the web-gui seems to time out before they have reached the "idle timeout" configured under Panorama/Setup/Management/Authentication Settings.

What happens is that after being ina

...

torm by L4 Transporter
  • 1453 Views
  • 2 replies
  • 0 Likes

Resolved! Google search problem

Dear all,

I'm writing to ask a question about the image that I'm showing you.

My user can see only a part of the images when he search for that.

This is the result of a search with google images:

I've read this thread:

https://live.paloaltonetworks.com/do

...

Global Protect Radius Child Domains

Global Protect using Radius works perfect for users in the parent domain. It will not work for users in child domains.

I worked with Palo Support for several hours and they believe the issue is a setting on the Radius server but they do not know what

...

ddavis1 by Not applicable
  • 1409 Views
  • 2 replies
  • 0 Likes

Skype performance tuning

Good morning everyone,

I've been testing a PA-200 unit here and I have a certain issue with Skype, which is mostly due to Skype being very weird about how it uses the network.

Most threads I found around here are about blocking or controlling Skype som

...

Guillaume by Not applicable
  • 1866 Views
  • 1 replies
  • 0 Likes

VPN & SSL VPN questions - A/A cluster

I'm starting to setup an Active/Active cluster And I'm looking at using arp-Load-Sharing as that seems to be the fault tolerant/load balancing one.

So here's the question will SSL VPN (web interface) & site2site vpn's (with cisco and sonicwall devices

...

jkw117 by L0 Member
  • 3014 Views
  • 6 replies
  • 0 Likes

Wildfire Threat Type

I clicked on the Magnifying Glass icon of a Wildfire Submission Log entry and there are related log entries that shows a Threat Log Type Wildfire. When I went to the Threat Log and tried to filter on Type equals Wildfire nothing comes up. As a matter

...

jwolach by L4 Transporter
  • 861 Views
  • 1 replies
  • 0 Likes

About 'URL Filtering' in ACC tab.

Hello, guys!

In PanOS 5.x and later if I don't use any profiles in my security rules I can see 'URL Filter' data on ACC tab. In PanOS 4.1.x I need create 'URL Filtering' profile with 'alert' action for all categories and apply it for security rule to

...

faust by L1 Bithead
  • 1159 Views
  • 0 replies
  • 0 Likes

Clientless User-ID problem

Hello.

When debugging clientless User-ID I've noticed a strange entry in useridd.log log file. I'm trying to connect to 2 AD servers.

It says:

2014-04-07 10:44:09.875 +0200 Error:  pan_user_id_win_log_query(pan_user_id_win.c:1319): log query for server1

...

santonic by L5 Sessionator
  • 2382 Views
  • 7 replies
  • 0 Likes

Stopping email alert for Syslog related Logs.

How stop email alerts for syslog related logs? For example Email alert is generated for every one hour that syslog server is active.

Note: The log severity level for email alert is configured for high and it should be changed.

Gururaj by L4 Transporter
  • 2059 Views
  • 3 replies
  • 1 Likes

Resolved! A lot of unknow-udp traffic (port 123)

Hi

I observed since 04/09 a lot of traffic clasified as unknown-udp from my DMZ to Untrust. It could be missidentified because I have security rule that allow NTP.

It could be related to 429 package of Thread prevention update. Now I'm on 430-2169.

Do Y

...

_slv_ by L4 Transporter
  • 2182 Views
  • 3 replies
  • 1 Likes

Resolved! software update schedule

Hi quick question regarding software updates. I know you can pull updates manually within the device, but I was under the impression that these updates would pull and install automatically. We had a consulting company help with our install so I may b

...

bino150 by Not applicable
  • 1624 Views
  • 1 replies
  • 0 Likes

Resolved! Log Category and Current Category : PAN-DB

Hello,

Anyone here having the same issue? Please see the image below,

The URL that we are browsing isn't match with the Log Category.

We already tried re-downloading the whole URL PAN-DB. Also, the URL category on the cache identifies "youtube" as strea

...

QoS policies

hi!

i have a question regarding the QoS feature, so here goes:

the scenario is the following - we have 2 apps for which we would like to limit the bandwidth, lets say app1 and app2. we have edited one of the QoS classes in the default QoS profile, clas

...

Heratbleed CVE-2014-0160 - New Vulnerability Signatures

Palo Alto released multiple vulnerabilities for the Heartbleed bug.

New Vulnerability Signatures (3)

Severity

ID

Attack Name

CVE ID

Vendor ID

Default Action

Minimum PAN-OS Version

medium

40039

OpenSSL TLS Heartbeat Brute Force - Heartbleed

CVE-2014-0160

alert

  1. 3.1.
...

bdeschut by L4 Transporter
  • 2388 Views
  • 5 replies
  • 0 Likes
Top Solution Authors
Top Liked Authors