General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Rules proccessing

Hey

i have a problem that traffic does not match to a rule

i have this rule

"VIP Users" {

                  profile-setting {

                    profiles {

                      file-blocking "Allowed file type-VIP";

                    }

                 

...

minow by L4 Transporter
  • 1020 Views
  • 1 replies
  • 0 Likes

PA500-Losing Config on reboot.

Hi Guys,

Have an issue with a pa-500 firewall running 5.11 os. There are 2 problems:

1. The system seems to reload every week or so which in itself is bad enough,  but when it reloads it is backnto default config.

2. A slightly lesser issue is that the

...

Wes_Neary by Not applicable
  • 1127 Views
  • 1 replies
  • 0 Likes

1-to-1 NAT

Ok need some help. I have a 1-to-1 NAT that is not working. Monitor-Traffic shows the Application as incomplete.

NAT Policy

Security Policy

Monitor

ddavis1 by Not applicable
  • 3075 Views
  • 9 replies
  • 0 Likes

Routing Problem with Active/Passive and Two ISP Links

All,

I have a bizarre situation and I'm wondering if anyone has seen it before.  We are currently using a pair of 5050s in Active/Passive.  They are configured with a very simple OSPF instance and have their default route injected via that OSPF instan

...

Resolved! Which are the PAN-DB URL categorization rules?

When an URL is categorized as malware by PAN-DB, I can´t find the reasons of  such decision.

Why has it been categorized as malware?

Is there any way to know more about such decision?

I will be grateful if you can explain me this decision.

G.A.

Resolved! Global Protect Upgrade Process

Currently on v1.1.6 and want to upgrade to latest.  Can I go directly to v2.0?  (I will make sure the certificates match)

rrau by L3 Networker
  • 2766 Views
  • 2 replies
  • 0 Likes

Resolved! New to Palo Alto - Append Policy Question

Good day all,

I am new to Palo Alto so this question might actually seem rather trivial.

Most of my peers configure from the GUI and are not very familiar with the Command line.  I am more comfortable with the command line so I am trying to do configu

...

Resolved! Simple FW Setup

I have a PA-200 that I'm trying to set up in a simple lab environment. Eth1 is configured as a layer 3 interface with a public IP on it and Eth2 is configured as a layer 3 interface with an internal IP address on it. Eth2 is configured to hand out DH

...

jl5678 by L0 Member
  • 1769 Views
  • 6 replies
  • 0 Likes

Resolved! Security rules when ISP is caching?

In looking at outbound traffic I can see quite a bit to a network range owned by my ISP. I'm guessing that it's a cache. The application traffic seems to be what one would expect to be efficiently cached (ms-update, symantec-av-update, http-video, et

...

MCmgt by L2 Linker
  • 1894 Views
  • 4 replies
  • 0 Likes

Migration from Juniper to Palos

Hi all,

We're in the process of migrating from Juniper ScreenOS devices onto our new Palos and I have some questions about ALGs and service timeouts.

On our Junipers, there were a couple of ALGs that we had to turn off due to them mangling the applicat

...

Mack by L2 Linker
  • 3898 Views
  • 13 replies
  • 0 Likes

TCP 135 traffic coming from firewall IP to internet ip's?

We received notice from our ISP of flagged traffic coming from our firewall's internal ip address to many internet ip's via tcp 135. User ID is turned off on the public facing security zones. We are on PanOS 6.0.0

Anyone else seen this? I set a securi

...

Netwerx by L2 Linker
  • 2530 Views
  • 1 replies
  • 0 Likes
Top Solution Authors
Top Liked Authors