This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Palo Alto daily admin tasks

Hi, I am a somewhat newbie to PaloAlto firewall. I was wondering if someone could give some good guidance into what "Daily" tasks look for a PaloAlto Admin? What should they be monitoring on daily basis? Is there a nice checklist of things that should be looked into on Daily and/or weekly basis? Thanks. P

Chintan by L0 Member
  • 4418 Views
  • 2 replies
  • 2 Likes

System stats

Is there a way to run a report to see if CPU is getting spiked over a 24 hour period of time

jdprovine by L4 Transporter
  • 2236 Views
  • 1 replies
  • 0 Likes

Resolved! VWIRE Physical Connecivity to Current Virtual Firewall

Hi, I am trying to get my head around VWIRE and how it supposed to work. We have the following scenario SWITCH -> VIRTUAL FIREWALL (ON SHARED HOST) -> INTERNET We are now looking to do SWITCH -> PALO ALTO -> VIRTUAL FIREWALL (ON SHARED HOST) -> INTERNET I am thinking how this would work physically. The virtual firewall...

indysogi by L2 Linker
  • 3227 Views
  • 2 replies
  • 0 Likes

Logging query - Missing logs from implicit deny rule

Hi all, Doing some testing with a PAN-OS v6.0.0 VM-100. The command ‘set system setting logging default-policy-logging 300’ is configured so I am seeing log entries for traffic that is being blocked by the implicit deny rule for inter-zone traffic. If I enable a security policy that permits any application I’m able to play a video on webpage...

Downloads stuck at 0%

Hi All, Firewall is connecting to update server. it retrieves all the recent PAN-OS versions and all dynamic updates(app ver). But when i start to download the software/dynamic updates, its connecting to update server and exchanging some packets but download stuck at 0% device is registered, restarted managment plane, cleared job id, stil...

Javith by L3 Networker
  • 4063 Views
  • 1 replies
  • 0 Likes

Resolved! Action Configured in Security Rules and Seen in Traffic Log is Inconsistent 7.04

Since upgrading to 7.0.4 our traffic logs now show the action of 'reset-both' and 'deny' when the rule explicitly has been set to 'deny'. This is occuring on multiple rules since upgrading from 6.1.8. Example: we have a rule to block specific applications like bittorent, http-proxy, hola-unblocker, etc and the action is set to 'deny'. But now ...

lewis by L4 Transporter
  • 8680 Views
  • 6 replies
  • 0 Likes

HSM setup in PAN-OS 7 setup HSM partition missing

Hello all I'm new in HSM configuration I configured the setup hardware security module. with a PANOS version 7 the result was success and in the admin guide is wrote that you have to configured the Setup HSM Partition but this does exist in the Hardware Security Operations area. any idee

HSM.png
Gregoux by L4 Transporter
  • 3416 Views
  • 1 replies
  • 0 Likes

Upgrade Panorama

hi, I have cluster firewalls in versions 7.0.4 but my panorama is in 6.1.2. Ive never upgraded panorama. Any manual?? Should i install the imagen base 7.0.1 to go to 7.0.4 or just donwload?????? its the same that upgrade a palo alto firewall?? any thing to know before??

Firewall rule auditng

Has any body have a procedure on how to audit and remove rules? We have alot of what appears to be unused rules so far I disable them, date when I disabled them and then a 30 days and then delete them. let me know if any one has any better method or suggestions

jdprovine by L4 Transporter
  • 6867 Views
  • 10 replies
  • 0 Likes

URL Filtering when Users are in Multiple Groups?

I am unsure of how to solve this issue with URL filtering. Lets say HR wants to block the job search category and the hacking category except for specific users. I have an Active Directory group to allow Job Search for people who are allowed to access those sites, and another AD group for IT people who are allowed to access the Hacking group. ...

Blocking Opera

Hi there, I’ve recently discovered that some users have downloaded Opera and with this they can have unfiltered internet access. I am going to remove this software from the PCs but wanted to know if there is a way I can block this traffic using my Palo Alto? Thanks

Error UserID

Hi, my users are having a error. sometimes when they try to access to any web, suddenly, the captive portal is shown (even if they are logged in domain). If they put the credentials in captive portal the web works and also if they logoff/logon the windows session and try to open again the web. It sounds like UserID problem. We have checked all t...

Resolved! Report-based Logging Without Interfering With Policies

Hi PANland, I'm back with another implementation question th So PAN devices log when you tell them to, but for their reports feature it seems that with or without logs they will keep unmutable counters of very basic information that has to be parsed anyway to make it through the firewall (ie. application, source, etc.). Here’s my situation: I’...

Resolved! Can't remove vsys specific SSL TLS Service Profile

This is a strange issue. PA-3020 recently upgraded to 7.0.4. The firewall is in single vsys mode. I installed new SSL certificates for Global Protect. Somewhere during the process of installing the new certificate and upgrading to 7.0.4, an ssl-tls service profile was automatically created. I didn't create it. I'm trying to delete that c...

  • 24379 Posts
  • 123 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks