General Topics

Different severity WebUI-Traps

Hi, we have had this vulnerability (ANGLER Exploit Kit Detection (37796)  in our LAN, and we realised that PA classified this vulneratibility in the WebUI with severity CRITICAL but in the traps and syslog that we received the severity for this vulne

Check_mk Package for snmp statistics

Hello

Currently I use the standard snmp statistics in my monitoring tool check_mk:

And for Sessions I use this packages Check_MK Exchange - Mathias Kettner

I'm looking for a package to monitor the firewall throughput, threat prevention throughput and IP

Anyone integrating 3rd party threat intelligence/malicious IP feeds into Dynamic Block Lists?

I'd love to integrate lists of known malicious IPs like those in the links below into dynamic block lists, but I'm worried about overblocking or a bad feed hosing us.  Has anyone used feeds similar to the ones below, either free or paid?  What was yo

Upgraded from 6.1.4 to 7.0 VOIP unable to receive external Calls

Good Day,

We recently upgraded from 6.1.4 to 7.0 prior to the upgrade all of the remote VOIP phones operated properly, however after the upgrade we were no longer able to receive external calls from anyone. IP phone to IP phone work fine but not able

2 Factor with Palo Alto, best solution?

What does everyone have setup as far as 2 factor goes?

I have a consultant here and we're thinking about going to the Microsoft MFA server route. Seems ok but not very flexible for things other than VPN.

Any feedback on other solutions would be appreci

How can I configure Global Protect for on-demand as well as pre-logon

Hello,

I have a scenario whereby I need to offer an on-demand VPN solution to untrusted endpoints as well as an always-on solution for my trusted endpoints. Running through guides I have been able to run a pre-logon VPN that has successfully allowed m

PA error '"useridd - virtual memory limit exceeded, restarting"'

Hi,

I have a cluster A/P of PA3020, PanOS 6.0.5. Im having this error in Monitor-Log-System: '"useridd - virtual memory limit exceeded, restarting"

Im not feeling any strange behaviour in Palo Alto, i dont know if this error should produce any impact..

About Minimum Password Complexity

Hello,

I have questions about Minimum Password Complexity.

If "minimum length" is set to some value, all accounts of administrator and local-DB are limited by this value of minimum length.

But if "Require Password Change on First Login" is set to enable

Wildfire question

Hello, I have a general question about wildfire. We would like to have wildfire inspect email attachments and send suspect files to WF for scan and remediation. My question is....how does this work? Does the firewall hold the email and wait for a fix

PA-500 isn't allowing some Google services (Play store, calendar sync, etc.)

Pardon the noob query or lack of actual technical knowledge in our PA-500 but I've been asked by my supervisor to see what might be blocking some Google services/apps on our new PA-500. I've tried to monitor the IP address (my personal cell phone) an

Migration Tool 3: Missing Checkpoint NAT Rules

Hi All,

I found an interesting problem while migrating a firewall policy from a Checkpoint system.  Has anyone seen this problem before? 

Checkpoint NAT:

Checkpoint has a special kind of NAT that you can configure on an object I'm going to call the "Au

New Project - PAN-OS 7

Hello Everyone,

I'm starting a new project where I will be migrating Juniper Firewalls to PAN-OS.

I would like to hear an opinion if there is a point to migrate to 7.0 instead of latest 6.1.x.

I would appreciate complete and well explained suggestions.

T

Replace Panorama Virtual Disk

Hi All,

we are running a fresh installation of Panorama VM and need to allocate more space for logging & reporting.

This scenario is well explained in the Panorama Admin Guide on Page 163 ff. but we are wondering if it is neccessary to export and impor

Management profile setup on the outside interface for remote management, Panorama not communicating.

I have a management profile setup on my outside interface at a VPN site for remote management.

I have my in-band management port settings set to blank fields.  Panorama doesn't establish communication with this firewall.

I am wondering if it is becaus

Layer 3 Stops Passing - All PanOS versions incl. 6.1.3

I have opened this with TAC a while ago but I continue having issues with Layer 3 not passing through the untrust/internet interface at random times.  I have had this happen 5 to 10 times on different PA-200's.  Some have repeated.  I was hoping a fi