General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Threat Vector, a Unit 42 Podcast, is Now on LIVEcommunity!

We have some exciting community news to share: Threat Vector, a Unit 42 podcast, is now on LIVEcommunity!

 

Threat Vector is your compass in the world of cyberthreats. Listen to this biweekly podcast to learn about unique threat intelligence, cutting

...

jforsythe by Community Team Member
  • 74 Views
  • 0 replies
  • 0 Likes

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question. Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

JayGolf_0-1691518400714.jpeg
JayGolf by Community Team Member
  • 3324 Views
  • 2 replies
  • 14 Likes

Antivirus Decoder Action

I feel silly asking this - wouldn't you want a deny on any decoder where a virus is detected rather than allowing the traffic and just throwing an alert?

Error in XML API Usage Guide (Section 2.2.4 Edit)

The example given by the XMP API Usage Guide for the Edit command which replaces group membership of a static group is incorrect.

The guide shows the syntax for providing the value for the element parameter: <static><entry name='test'><member>abc</me

...

Alextc by Not applicable
  • 2416 Views
  • 0 replies
  • 2 Likes

GlobalProtect with "Vodafone Mobile Connect"

Hey there,

my colleagues are not able to connect via the HSPA USB Stick "Vodafone Mobile Connect" with our GlobalProtect gateways.

I do not see any error-message on the Firewall, only a successful log in but the client disconnect after ~1 second. Also

...

Debugging OCSP query errors

Our GlobalProtect setup does OCSP checking of client certificates, to an internal OCSP-server.  Every once in a while, the lookup fails (as in no response from server, connection denied, or whatever), and the client is denied access (Gateway gpgw.dom

...

hklygre by L1 Bithead
  • 2426 Views
  • 0 replies
  • 0 Likes

Error synchronizing config because of Certificate

Hi,

We have a cluster active/Pasive. We have created a certificate signed by external authority with this config:

After creating the certificate we have done a commit and the config failed synchronizing to the passive firewall.

¿The certificates pass th

...

SOC_CSG by L4 Transporter
  • 1913 Views
  • 2 replies
  • 0 Likes

Shared Gateway with multiple virtual routers

Hello,

I currently have my palo alto setup to use two VSYS ( VSYS1 AND VSYS2) each with its own virtual router.

I would like them to use the same interface for outgoing internet traffic which I though I could accomplish with "shared gateways"

My problem

...

riverj30 by L0 Member
  • 3017 Views
  • 3 replies
  • 0 Likes

Resolved! How to Clear Disk Space/reduce disk usage

Hi Friends,panos hshah hsharma HULK Steven Puluka panagent

Please suggest for the same.

i am already check below document and i think, i dont have permission to root access for PAN.

https://live.paloaltonetworks.com/docs/DOC-3772

https://live.paloalton

...

Satish by L4 Transporter
  • 10474 Views
  • 5 replies
  • 0 Likes

TCP Windows scale option

Hi, could someone explain if PanOS is able to consider  the filed "TCP Window Scale Option (WSopt)" ( http://www.ietf.org/rfc/rfc1323.txt?number=1323). when tcp asymmetric-path is disabled (drop)?

I mean that in my experience the firewall drop the pac

...

vzit by L1 Bithead
  • 8039 Views
  • 3 replies
  • 0 Likes

How to disable ssl v3 on vpn web page?

scanned the PA webserver we use for our VPN portal with qualys ssl scanner. Got a grade of F. Suggested to disable ....

 

  • Diffie-Hellman (DH) key exchange
  • 512-bit export suites
  • Ssl v2 and v3

how can I go about doing this?

choff123 by L3 Networker
  • 2929 Views
  • 3 replies
  • 0 Likes

Restrict Individual Administrators by Interface or IP

Is there a way to restrict access for specific administrators by interface or IP address? I really thought I'd seen this somewhere, but now I cannot find it in GUI or docs.

Quick explanation of what we want to do. We want to have a sort of backdoor, e

...

cosx by L2 Linker
  • 3663 Views
  • 4 replies
  • 0 Likes

Resolved! PAN-DB categorizing wrong

Hi,

We are expecting problems with PAN-DB. Our firewall in URL-Filtering is categorizing www.lavanguardia.com like category malware instead of NEWS.

Why is this happening??? how can i recategorize a web in PanDB????any troubleshooting with pandb in the

...

SOC_CSG by L4 Transporter
  • 4381 Views
  • 6 replies
  • 0 Likes

Standard Ports on Applications

I was wondering if anyone knew away to add a secondary default
port on an application. For example people in my company access web-browsing on
port 80 normally but there are a number of site that people have to use that
are based on port 8080. Is there

...

murphyj by L2 Linker
  • 1926 Views
  • 3 replies
  • 0 Likes

superreader Cannot Set CLI Parameters in Panorama

I recently upgraded Panorama to 6.1.1 from 5.0.11. When I did so, RANCID was no longer able to log into Panorama and do its configuration tracking.

I tracked down the problem to a superreader not being able to issue the "set cli pager off" command. Th

...

cosx by L2 Linker
  • 2380 Views
  • 2 replies
  • 0 Likes
  • 24124 Posts
  • 100 Subscriptions
Top Solution Authors
Labels