General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Shared Gateway with multiple virtual routers

Hello,

I currently have my palo alto setup to use two VSYS ( VSYS1 AND VSYS2) each with its own virtual router.

I would like them to use the same interface for outgoing internet traffic which I though I could accomplish with "shared gateways"

My problem

...

riverj30 by L0 Member
  • 3247 Views
  • 3 replies
  • 0 Likes

Resolved! How to Clear Disk Space/reduce disk usage

Hi Friends,panos hshah hsharma HULK Steven Puluka panagent

Please suggest for the same.

i am already check below document and i think, i dont have permission to root access for PAN.

https://live.paloaltonetworks.com/docs/DOC-3772

https://live.paloalton

...

Satish by L4 Transporter
  • 10964 Views
  • 5 replies
  • 0 Likes

TCP Windows scale option

Hi, could someone explain if PanOS is able to consider  the filed "TCP Window Scale Option (WSopt)" ( http://www.ietf.org/rfc/rfc1323.txt?number=1323). when tcp asymmetric-path is disabled (drop)?

I mean that in my experience the firewall drop the pac

...

vzit by L1 Bithead
  • 8561 Views
  • 3 replies
  • 0 Likes

How to disable ssl v3 on vpn web page?

scanned the PA webserver we use for our VPN portal with qualys ssl scanner. Got a grade of F. Suggested to disable ....

 

  • Diffie-Hellman (DH) key exchange
  • 512-bit export suites
  • Ssl v2 and v3

how can I go about doing this?

choff123 by L3 Networker
  • 3129 Views
  • 3 replies
  • 0 Likes

Restrict Individual Administrators by Interface or IP

Is there a way to restrict access for specific administrators by interface or IP address? I really thought I'd seen this somewhere, but now I cannot find it in GUI or docs.

Quick explanation of what we want to do. We want to have a sort of backdoor, e

...

cosx by L2 Linker
  • 4215 Views
  • 4 replies
  • 0 Likes

Resolved! PAN-DB categorizing wrong

Hi,

We are expecting problems with PAN-DB. Our firewall in URL-Filtering is categorizing www.lavanguardia.com like category malware instead of NEWS.

Why is this happening??? how can i recategorize a web in PanDB????any troubleshooting with pandb in the

...

SOC_CSG by L4 Transporter
  • 4704 Views
  • 6 replies
  • 0 Likes

Standard Ports on Applications

I was wondering if anyone knew away to add a secondary default
port on an application. For example people in my company access web-browsing on
port 80 normally but there are a number of site that people have to use that
are based on port 8080. Is there

...

murphyj by L2 Linker
  • 2025 Views
  • 3 replies
  • 0 Likes

superreader Cannot Set CLI Parameters in Panorama

I recently upgraded Panorama to 6.1.1 from 5.0.11. When I did so, RANCID was no longer able to log into Panorama and do its configuration tracking.

I tracked down the problem to a superreader not being able to issue the "set cli pager off" command. Th

...

cosx by L2 Linker
  • 2456 Views
  • 2 replies
  • 0 Likes

Anyone use 6.1.2? Is it stable

I'm pretty interesting in upgrading to this version (on 6.0.8 at the moment). Specifically for the Wildfire email link analysis.

Anyone upgraded? Is it working fine or have you run into any bugs?

pmc by L2 Linker
  • 6298 Views
  • 10 replies
  • 0 Likes

Virutal Wire Mode (transparent mode?)

I just received a PA-500. This is my first PAN device, so some of the terminology is different from prior units.  From what I understand, virtual wire mode is the same as transparent mode.  Is this correct?   In short, I want to place this device bef

...

jharlow by L3 Networker
  • 7220 Views
  • 8 replies
  • 0 Likes

URL resolving to unknown while know on brightcloud

Hi guys,

We're facing a weird problem.

We currently have the unknown URL category set to alert in order to log all users traffic.

We tried to modify that because of some weird traffic categorised as unknown and always visiting russian website.

However,

...

sebbarmo by Not applicable
  • 7444 Views
  • 14 replies
  • 0 Likes

Resolved! arp timeout

Hello

As written on the manual the arp default timeout is 1800 seconds on paloalto firewalls

username@hostname> show arp ethernet1/1

maximum of entries supported : 8192

default timeout: 1800 seconds

total ARP entries in table : 0

total ARP entries shown :

...

George by L1 Bithead
  • 2724 Views
  • 3 replies
  • 0 Likes
  • 24130 Posts
  • 102 Subscriptions
This widget could not be displayed.
Top Solution Authors
Top Liked Authors
Labels