General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

QoS Guaranteed

Hi, I would like to book (guaranteed egress) 5Mbps for streaming in one of my vlan. My outide-Internet (egress) interface is eth1/1. The class for streaming is CLASS 1 (real time) right????whats the difference between "clear text traffic" and "tunneled traffic"??? Im using a PA2020, i can do QoS for limited bandwith and guarranteed in this model...

SOC_CSG by L4 Transporter
  • 4156 Views
  • 5 replies
  • 0 Likes

Resolved! ISP Failover Email Alert

Recently we configured ISP failover on two PA500s using PBF for the primary ISP and the virtual router for the backup ISP. We would like to setup some kind of email notification, or alert when this failover occurs. I've looked through the Admin Guide to try to figure out the best solution and the forums and haven't found a solution yet. What wou...

How to configure PAN to Azure VPN tunnel

I'm sure I'm not the first one to do this, but since I wasn't able to find a document on how exactly to do it, I figured I'd contribute one. I'd appreciate any corrections or optimizations.The Azure side documentation is pretty clear online and honestly there aren't many options available to configure. But here are is my Azure address space for ...

bjdraw by Not applicable
  • 15415 Views
  • 8 replies
  • 4 Likes

GlobalProtect Pre-Logon with Windows 8.1

I have been testing out a new GP portal/gateway on my firewalls for Pre-Logon/Always On as I would like to eventually like to move all remote workstations to this model. With that said, I notice when I enabled the pre-logon and SSO a new icon shows up on the logon screen which is confusing my users. Some click on it when logging in and others ...

nthen by L3 Networker
  • 4405 Views
  • 3 replies
  • 0 Likes

Resolved! Monitoring Accessed URL's

Hi Everyone,We have the URL filtering license, I am trying to log all websites that a user access, however, I noticed PA only logs websites which the user fails to access due to a URL filtering policy, ie only websites that are blocked from the user because they fall under a blocked category.Is there a way to log user access to all URL's.Thanks

rsaber by L1 Bithead
  • 6254 Views
  • 3 replies
  • 0 Likes

Resolved! Destination NAT of ESP and GRE

Hi all,I'm hoping somebody might be able to help with this unusual scenario please?I have been tasked with replacing an old linux based firewall with a PA-500 device.Initially the configuration of the PA-500 should just replicate what the current firewall is doing before we start phasing in the additional security capabilities of the Palo.The on...

DavePalo by L4 Transporter
  • 7725 Views
  • 3 replies
  • 0 Likes

Set time in report email scheduler

Hi,I think it´s a problem that we are not allowed to decide the time a report should be sent. According to support it´s automatically set at 2:am to releive the box of this burden during normal office hours. How Plao Alto knows every customer and their working hours is a mystery to me. And when trying to troubleshoot report delivery this becomes...

mgusta by L2 Linker
  • 2981 Views
  • 1 replies
  • 0 Likes

Resolved! Global Protect 2.3.1 and Windows 10 support

HelloI try to check it in pdf https://downloads.paloaltonetworks.com/software/GlobalProtect-Agent-2.3.1-RN.pdf?__gda__=1438918935_ba8887ff43fdf2364df6…but there isn't such information Could someone tell me that Windows 10 is supported ?If this info is nessesary I'm on 6.1.4 and GP 2.3.0.RegardsSlawek

_slv_ by L4 Transporter
  • 4701 Views
  • 2 replies
  • 0 Likes

What is the best PANOS version to PA 5020 & 5050 Plantforms

Hello Community,I have 37 PA Firewalls.9: 5020 Current version PANOS 6.1.428: 5050 Current Version PANOS 6.0.4 Reading the security advisories the 5050 devises must be with PANOS 6.0.8 and the 5020 with PANOS 6.1.4. But I would like to know, which PANOS version might to upgrade these devices without affect the running configuration?I apprec...

Apadilla by L3 Networker
  • 4265 Views
  • 3 replies
  • 0 Likes

Resolved! Automated Correlation Engine - Will it look at log entries from before the upgrade to PAN-OS 7?

I have logs going to Panorama from Firewalls running PAN-OS 6.1.5, I recently upgraded Panorama from 6.1.5 to 7.0.1. Does anyone know if it will look at the old log events in the correlation engine or if it will only look at new ones coming in?Any way to test and confirm that the automated correlation engine is working?

bgirdner by L2 Linker
  • 4429 Views
  • 1 replies
  • 0 Likes

User-ID ignore multiple users - agentless or agent

Hi,I've got an installation with approx 70k+ users, where user-id is an important factor. I want to ignore all user with prefix adm or svc in the user name(admin and service accounts) from user-id, to avoid getting unwanted ip-user-mappings. I have the option to both use agentless and agent on windows server. There are so many admin and service ...

torm by L4 Transporter
  • 6093 Views
  • 3 replies
  • 0 Likes

Block File inf_pu_toolkit_v2.swf

Hi,Two of our users have visited a site and downloaded the file inf_pu_toolkit_v2.swf. The file was submitted to wildfire, but I want it to be blocked from being download again. Where do I go about doing that?

Akamai Technologies?

It seems nearly every time I need to determine the URLs that are using what seems to be excessive bandwidth, this one comes up the most. Akamai Technologies. I understand they are a CDN, but if most services rely on their services and that is as far as we can go to determine the source, this really kills any advantage of the PA; or at least the ...

jharlow by L3 Networker
  • 8033 Views
  • 3 replies
  • 0 Likes

Resolved! interface and subinterface configuration for untagged VLAN 1

I have a switch that is allowing all VLAN 1, 44, and 120. I have the following configured:on the physical interface I am using 192.168.0.1/24 which is VLAN 1created two sub interfaces for each VLANsubinterface .44 tagged 44 IP address 172.20.44.1/23sub interface .120 tagged 120 IP address 172.20.120.1/24Is this the correct configuration?

  • 24404 Posts
  • 123 Subscriptions
Top Solution Authors
Labels