General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! Virtual System Migration and clustering

I cam across a scenario where we need to migrate a virtual system from a PA device to another . devices are the same model . Is there any suggestions ? what is the best approach to this ?Also , if a PA device is running virtual systems how we can add it to cluster ? what happens to VSystems ? do they automatically replicated to the other node ?

Resolved! Issue with my Palo Alto Lab

Hello folksI have a strange issue in my lab , here is the scenario :VM-100 on ESXi PAN OS 7.0.5Inside interface connected to internal zone (10.0.1.0/24 network) outside interface connected to my home firewall ( 192.168.1.0/24 network) Interfaces have IPs on the same range as their zones : 10.0.1.10 inside interface , 192.168.1.10 outside. Modem ...

Wildfire reports association to wildfire-virus

For every wildfire-virus signature tripped in Threat logs should I expect to recieve a corresponding wildfire report in the Wildfire Submissions too? Could someone answer or point me to documentation please.

lewis by L4 Transporter
  • 6142 Views
  • 5 replies
  • 0 Likes

Web page issues between F5 and PA

After migrating from an ASA to PA3020, users reported that web pages were not fully loading. The issue was seen on the ASA but rarely. The PA3020 has been showing this issue more often than not resulting in a work around being done on the webpage. The trouble appears to be tied to how the F5 and Palo communicate. With caching enabled, the pr...

RRAPP by L1 Bithead
  • 5605 Views
  • 5 replies
  • 0 Likes

Really good tool!

Hi,This is an really good tool for managing dynamic lists.So far I have tested a basic setup and I have a few comments/suggestions. * How do I change the ssl certificate for MineMeld.* Will you also implement domain blocklists soons (currently running 7.1 beta).* How about making our own miner. Information about this.* Will you also support ipv6...

Resolved! VMware ESXi 6.0 and PA VMs

Is VMware ESXi with vSphere 6.0 supported?The technical documentation for the 6.1 virtual appliances states: "VMware ESXi with vSphere 5.0, 5.1, and 5.5 for VM-Series running PAN-OS 6.1."And the 7.0 documentation states: "VMware ESXi with vSphere 5.1 or 5.5 for VM-Series running PAN-OS 7.0."I've not found any information regarding ESXi 6.0 in an...

Resolved! NAT and Security Policies, PBF Failover and Symmetric Return - Dual ISP

This is two parts:1) I configured Destination NAT rules and corresponding Security Policies to allow inbound access to servers on private LAN. These all utilize the Primary ISP public IP address. If I want these internal servers accessible over the Secondary ISP (as we already have configured PBF failover to the secondary ISP should the primar...

uscit by Not applicable
  • 6526 Views
  • 3 replies
  • 0 Likes

Resolved! OSPF pocket in an EIGRP network

I am putting a PA firewall in our datacenter and am looking to have the firewall advertise the protected subnets out to the rest of the network. However, the rest of the network uses EIGRP, so the datacenter switch and the PA firewall will need to be setup for OSFP in order to have the routes advertised. I am thinking the PA OSPF instance wo...

pa-ospf-eigrp.png
Demast by L2 Linker
  • 3445 Views
  • 2 replies
  • 0 Likes

Resolved! Policies >> Security

Unsure quite how to phrase my question. Under Policies >> Security: I have a Rule way at the top for McAfee ePO; tcp; port 8443.Settings that I have set are: Source Zone: Trust Source: IP address for a specific internal host Destination Zone: Untrust Destination Addresses: 2 different unique external hosts Application: any Service:s...

Resolved! PAN response to: Attacking Next-Generation Firewalls: Breaking PAN-OS ?

So are there any response available from PAN regarding the topic which you can read below? Like when are updates scheduled to be released, any mitigations you can perform before updates are available etc? Or are they already disclosed (and fixed) over at https://securityadvisories.paloaltonetworks.com/ ? Im thinking of: https://www.troop...

mikand by L6 Presenter
  • 9457 Views
  • 9 replies
  • 1 Likes
  • 24404 Posts
  • 123 Subscriptions
Top Solution Authors
Labels