General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Global Protect Failed to open sub key

Hello All, i have problem with my GP. I configured it and for 99% users work fine. But a few has communicate "resend credential" and stuck. In log file PanGPA.log i have: (T6992) 12/01/15 11:24:08:539 Error( 129): Failed to open sub key 'Software\Palo Alto Networks\GlobalProtect\Settings\pre-vpn-connect' (T6992) 12/01/15 11:24:08:539 Error( 129...

ITBT by L1 Bithead
  • 4190 Views
  • 1 replies
  • 0 Likes

McAfee Evader - did You use it?

HelloI'm courius that someone is using it for testing PA device? What was the resoults?You can download this tool from http://evader.mcafee.com/Do You know other tools like this?With regardsSlawek

_slv_ by L4 Transporter
  • 6094 Views
  • 3 replies
  • 0 Likes

Global Protect DHCP Options

I have a PA-500. I have a basic configuration for Global Protect up and working - certificates, agent settings, etc. All is well. The client can route to internal resources as expected. Now, the next step I need to take for these VPN clients in transitioning from Cisco AnyConnect is that they must receive some custom DHCP options with their VPN ...

mkeller by L1 Bithead
  • 5790 Views
  • 4 replies
  • 0 Likes

OpenVPN behind PaloAlto

Hi! We can't get OpenVPN to work. Our Juniper-SA works well. The setup is only working without Firewall: Laptop (static IP 80.0.0.4) attachted to an switch and the OpenVPN server attached to the same switch (eth1, dmz) Our Policies: Monitor: Konfig - OpenVPN server DMZ: iface eth1 inet staticaddress 80.0.0.5netmask 255.255.255...

palo-config-policy3.png
palo-config-monitor.png
Morneweg by L1 Bithead
  • 9836 Views
  • 7 replies
  • 0 Likes

Block the remote desktop acces with Palo Alto Network

Hello, In or company i need to block the remote desktp access of a specific address to the critical server like database server. I add a security rule in the PA-500 by block (ms-rdp and t.120) applictions to a specific address by without any result. How could i blck the remote access ? Please i need you help

RCHAIBI by L2 Linker
  • 12246 Views
  • 8 replies
  • 0 Likes

NAT and site to site VPN

Hello, We're trying to build a Site to Site VPN connection with an other company. They are installing software on two of our servers (10.130.0.100 and 10.202.20.20) and they need the VPN to automatically transfer configuration and other files. The VPN-link is active but we have a problem with overlapping subnets. They use subnet 10.0.1.0/24, b...

VPNPrblm.PNG

Resolved! Panorama Dynamic Updates

I see three locations for Dynamic Updates while logged into the Panorama device. Panorama Tab >> Dynamic Updates Panorama Tab >> Device Deployment >> Dynamic Updates Device Tab >> Dynamic Updates (for each Template) I think I know what 2&3 are for. 2 is for pushing scheduled updates down to selected firewalls fro...

Blocking Malware Callbacks

Malware Callbacks for command&control and also for data exfiltration are often transported in HTTP POSTs. The URL blocking of category malware URLs seems only to block the HTTP response. The GET or POST request seems to pass untouched to the server. So it is possible to exfiltrate arbitrary data in the GET or POST request. What is the su...

Unibw by L2 Linker
  • 4060 Views
  • 2 replies
  • 0 Likes

Interface question

Hi! This is our network: My question is about interface 1/6: I can ping the juniper from outside the network. But I can only ping the OpenVPN Server if I configure the IP-Address 80.0.0.5/32 explicit in this interface. Without this entry (80.0.0.5/32) I can't ping this server... why 🙂 !?

netz-skizze.jpg
interface-aktiv.png
Morneweg by L1 Bithead
  • 2875 Views
  • 3 replies
  • 0 Likes

Unlisted YouTube Video being blocked but All Other YouTube Videos are Viewable

Our company has hired someone to make a sales video and they have released a draft of the video on YouTube. The draft is an unlisted YouTube video and our users are not able to view it. The page opens and the video screen just spins, trying to connect and play the video. All users are able to view any other YouTube video that is publicly listed....

  • 24401 Posts
  • 123 Subscriptions
Top Solution Authors
Labels