General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Lync Federation Traffic

Hi Guys, Recently we've configured Lync 2013 on our network. What i've noticed on the PA external firewall is the Lync federation traffic from the internal lync clients to for example 'Skype clients' on the web or other organizations is classified on the PA as 'unknown-tcp'... on port 443. Currently i've got a security policy purely allowing 'un...

PAN-DB URL Category List

Hi Everyone! I'm being asked to provide a report of all of the applications, categories and URLs we are currently blocking. Does anyone know how to obtain this?

dgoins by L1 Bithead
  • 2971 Views
  • 2 replies
  • 0 Likes

Global Protect - User login from only one device at a time

Hello, I have configured global protect and was able to connect successfully. But is there a way to restirct user login from only one device at a time?. Meaning if the user has a laptop and a smart phone , the user should connect either from the laptop or from the smart phone at time. Please help me to resolve this issue ASAP. Thanks and Regards...

Resolved! UserID Built-in Syslog listener - Limitations?

We use the Syslog integration in the PAN Agents to forward User/IP-mappings from our wireless controllers to PA 5020 firewalls. We are considering to move the Syslog integration to connect directly with the PA5020 instead of the PAN Agents. But i remember having read something about limitations on the built-in Syslog reciever. That we should st...

Resolved! Outlook timeout issues

DescriptionWe are experiencing a timeout problem when using outlook/exchange across the PA firewall.When the RPC connection between Outlook and Exchange is idle, the PA apparently terminates the connection. This causes the Outlook client to hang/stall until restarted - and thereby establishing a new RPC connection. When the timeout occours, a Ba...

palo alto networks configuration

hello, I configured a PA-500 with routing mode in our company . I set the zone , the security rules , the nat rules . I allow all traffic from trust zone to untrust zone. But the problem there is no internet connection. We use a DNS server , that is in trust zone.I add a security role from untrust zone to a trust zone (with addressof DNS server)...

RCHAIBI by L2 Linker
  • 1930 Views
  • 1 replies
  • 0 Likes

SSL decryption inconsistency

Hi, I have enabled decryption on a small group for testing purposes. I have a simpel 2 rule setup, first exluding financial, health and custom white listed and then decrypt everything else. I have a hard time finding out why the same site in the same browser on different pc's behave differently. For example my colleague got ERR_SSL_PROTOCOL_ERRO...

Resolved! Processes on the Palo.

Hi,There are various processes that maybe restarted using the debug command. Most are self explanatory. But whats the difference between l3-service and routed ? and webserver and management-server ? and vardata-receiver.> device-server Device server process> l3-service L3 services server process> log-receiver Log R...

Resolved! how to clean disk space-GUI getting session timeout

not able to access firewall using GUI getting session timeout > show system disk-spaceFilesystem Size Used Avail Use% Mounted on/dev/sda2 1.9G 1.8G 0 100% //dev/sda5 6.6G 3.9G 2.4G 63% /opt/pancfg/dev/sda6 1.9G 1.1G 709M 62% /opt/panrepotmpfs 1.3G 69M 1.2G 6% /dev/shm/dev/sda8 2.4G 1.5G 784M 66% /opt/panlogs

pa-errors.JPG

Resolved! Issues with Asymetric Routing

Hello Community, I need your help to how to identify the asymetric routing in my PA-3020? and what are the best way to allow or bypass these traffic until solve the routing issue the third party device?. Best RegardsAndres Padilla

Apadilla by L3 Networker
  • 20635 Views
  • 4 replies
  • 0 Likes

Resolved! NAT rule being applied wrong

Hi, we have a static NAT from this ip 192.168.200.8 (zone DMZ) to 195.57. (zone VPN). But we realised that the NAT rule which is matching is wrong.Its matching the NAT rule (ftp.arag.es) but this rule has a filter by "Destination zone" Externa. And the real traffic is VPN<->DMZ Why PA is applying this rule if not being include the destian...

SOC_CSG by L4 Transporter
  • 4657 Views
  • 2 replies
  • 0 Likes
  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels