General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

VM-100 responding with SYNACK on all ports

Hey, I've got an evaluation of the VM-100 (v7.0.2) setup, but I'm finding that for some reason the firewall appears to be intercepting requests and completing a TCP 3-way handshake, regardless if the ultimate destination has the port open or not. Has anyone got any idea if this is normal behaviour, or if I've miss-configured something somewher...

block http download based on the download file hash value

Dear all, I have asked to look for a solution, we want to receive alert based on specific file download via http, we have the file MD5 or SHA1 hash value. Can I do this with a PAN? The filename could change, I don't know the file size but I have the file hash value.. Thanks for your helps in advanced, E

Palo Alto networks PA-500 with PowerDesine 3001 POE modem

Hello, I like to replace the cisco ASA 5510 with PA-500 in the company . I do all the necessary configuration in the PA-500 but always it still a problem of internet connection. I configure the PA-500 with the same specification configured in the Cisco ASA5510 ( MTU size, the Vrouter...) but always I still have the same problem. In the guide ...

RCHAIBI by L2 Linker
  • 3779 Views
  • 3 replies
  • 0 Likes

Resolved! Panorama Traffic log forwarding

I have traffic log forwading from Panorama to an external syslog server working correctly however I would like to see the device the log was generated from included and not the default "Panorama". Is this possible? This is what I see on the external server: Oct 20 13:10:59 Panorama 1,2015/10/20 13:10:59,001801009725.............. Thanks

r24481 by L1 Bithead
  • 5048 Views
  • 3 replies
  • 0 Likes

Resolved! Panorama CLI - list of values

We run Panorama v7.01 and have a requirement to edit the template stack from the CLI. The CLI path is as follows: configure edit template-stack <stackname> set template ??? Under the set template context I need to add a list of templates, however cannot work out the correct syntax. The help (?) switch shows "[ start a list of values" b...

Resolved! shell request failed on channel 0

Trying to do an SCP copy to a server, but I can't get past "shell request failed on channel 0". Using Solarwinds, and it says Authenticated user "username" from IP "ipaddress", but it always fails from the firewall. Any ideas?

craymond by L4 Transporter
  • 22212 Views
  • 4 replies
  • 0 Likes

Resolved! PAN-OS 7.0.2 SSL Decryption certficate untrust issues (No problem on 7.0.1)

Yesterday i upgraded my pa vm-100 from panos-7.01 to 7.02.After that facebook stopped working with SSL decryption on. After some testing and troubleshooting this seems to be the problem.The problem is that some akamai domains that facebook uses gives me an palo alto certificate untrusted page.for example this domain: https://fbcdn-profile-a.akam...

Beware ! PAN-OS 7.0.2 - Seemed to kill AV and inspection

Hello Environment Rule base is established and working with LDAP integration for users . Outbound SSL SSL decryption is also setup and working 7.0.1 Rules allow a group to talk to the Internet. Security profile are used for AV, Anti Spyware , URL filter and File blocking. SSL decryption is also setup . Symptom A bespoke Response Page is setu...

Deny the access to the servers in LAN zone

Hello, I need to restrict the access to a critical server in our company i the LAN zone . I add a security rule that restrict for exemple the address 192.18.1.25 to access to database server tht has the address 192.168.1.20 . I add a security rule from LAN to LAN with this address but the rstrection do't work! How can i do this restriction ? ...

RCHAIBI by L2 Linker
  • 5122 Views
  • 6 replies
  • 0 Likes

How to Allow an App But Block a "Depends On?"

From what I understand, you need to explicitly allow "depends on" apps for a given app to work, https://live.paloaltonetworks.com/t5/Management-Articles/How-to-Check-if-an-Application-Needs-Explicitly-Allowed/ta-p/61893 However, what if I want to only allow the "child" application, but not the parent? My example is "logmein." We explicitly...

cosx by L2 Linker
  • 4495 Views
  • 2 replies
  • 0 Likes

Resolved! Eicar no longer in AV signatures?

Is Eicar testfile no longer blocked by PA? I've tried through 2 PA devices and on both occasions it arrived to endpoint station (where was blocked by endpoint AV). On 8th September 2015 same configuration was still blocking it. Yes, I am trying http version, I have AV on block etc.

santonic by L6 Presenter
  • 5766 Views
  • 4 replies
  • 1 Likes

Aggregate Ethernet Trunked Traffic in a VWire

Hi Team, I was wondering if the below is acheivable. I plan to deploy vwires for this setup. Upstream switch's are Cisco switch's and same with downstream. (downstream switch's are stacked switch's - so logically one switch) The red is indicating one VLAN, like wise blue. We are planning to create an aggregate ethernet with sub-interfaces and...

Screen Shot 2015-10-17 at 15.45.02.png

Issues with SSL Inspection

Hi, I am having this weird issue where an application breaks because of SSL inspection. I have made an exclusion based on the certificate:ssl-exclude-cert [ login.salesforce.com *.salesforce.com ]; However, the firewall still decrypts the traffic, and it looks like it does when a different application is detected: This traffic is generated by ...

salesforce.JPG
MMCiobanu by L3 Networker
  • 5757 Views
  • 6 replies
  • 0 Likes
  • 24396 Posts
  • 123 Subscriptions
Top Solution Authors
Labels