General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

High Management CPU

Hi

Since upgrading a PA-2050 to 5.0.8 I noticed that the management CPU is always above 70% and DataPlane is under 5%. Do this behaviour is normal? Management CPU sometimes goes to 99%.

Best regards

Gonzalo Arroyo

SOC_CSG by L4 Transporter
  • 1795 Views
  • 4 replies
  • 0 Likes

Script to switch on/off captive portal by script

Hi,

I'm still interested in finding a solution to manage my PA500 captive portal feature to switch on and off during certain times of the day.  I have heard in another setting that one can switch captive portal on and off from a script.  Which command

...

Resolved! Mask Security Policy User Field?

Is it possible to mask or obfuscate the 'User' field of a security policy rule? I am testing monitoring user url activity, but I don't want other firewall admins to know who I am monitoring.

Mike

mike_cc by Not applicable
  • 1337 Views
  • 4 replies
  • 0 Likes

Alert at unauthorized DHCP server activity..

Hi,

It happens from time to time that students succeeds to connect a private router to our dorms network and it starts to propose leases that lead nowhere to our clients.

I wonder if my PA500 box can be configured to alert us if it discovers such DHCP

...

Resolved! Threat,virus Log

Oct 27 23:00:32 10.208.35.87 Oct 27 22:57:23 PA-VM 1,2013/10/27 22:57:22,007000001148,THREAT,virus,1,2013/10/27 22:57:22,192.168.1.73,192.168.2.71,0.0.0.0,0.0.0.0,Test,,,ftp,vsys1,Trust,Untrust,ethernet1/1,ethernet1/2,Log Forwarding,2013/10/27 22:57:

...

NHorsch by L1 Bithead
  • 1335 Views
  • 3 replies
  • 0 Likes

GlobalProtect client behind a proxy, configuration help

I am trying to establish an ssl vpn connection using the globalprotect client, but the client is behind a proxy using a configuration script.  I have tried calling paloalto support but they said their client is not proxy aware.  Does anyone know of s

...

bigtone by L1 Bithead
  • 8066 Views
  • 5 replies
  • 0 Likes

How to delete fw's certificates on panorama 5.1

Hello All,

I would like to delete the client certificates which was managed by panorama 5.1.4 before, however I can not delete it with cli "#delete panorama certificate client_0009C102391.pem".

As below screenshot, you can see that there is no any mana

...

Resolved! Tracking Youtube activity

We have a user that is uploading a great deal of traffic to youtube.

How can I drive down into the logs to find the user's account info, youtube channel name, or the URL where the content got uploaded to.

thanks

Paul

pleroux by Not applicable
  • 1384 Views
  • 2 replies
  • 0 Likes

Troubleshooting HA Sync

Hi All,

I've a HA Active/Active pair of PA-3020's managed via Panorama.

All was well until I had to replace one of the pair, I brought the new device into Panorama, added it to the correct group/templates and then finished the device config (IP address

...

pcook by L1 Bithead
  • 5472 Views
  • 7 replies
  • 0 Likes

Resolved! Same object different details

We've a number of firewalls managed via Panorama.

A number of those filewalls will have the same policy, except that the source or destination address will change depending where the firewall is deployed.

For example a rule to allow the remote sites (o

...

pcook by L1 Bithead
  • 2881 Views
  • 6 replies
  • 0 Likes

DNS service route doesn't work ?

Hi,

I am having troubles configuring dns service route for DNS.

DNS servers are behind tagged internal interface of PA-2050 device.

I was able to configure that for syslog and it sends all the traffic PA outbound to the server.

I was trying to do the sam

...

Resolved! Forwarding with ICAP

Is the Palo Alto Panorama able to forwarding using ICAP protocol to an code green. I was unable to find any document in the KB on if it is possible.

Top Solution Authors
Top Liked Authors