Netflow records with zero values for byte and packet counts

I'm running PanOS 5.0.11 on a 5060 and am looking at exporting netflow into SiLK.  In the SiLK logs, I'm seeing thousands of messages that look like this:

Oct  9 09:37:43 hostname rwflowpack[3470]: IGNORED|111.222.112.13|100.200.195.225|33775|6917|6|0

How to request Palo Alto to add the Certificates to the trusted CA?

Hi guys,

Our staff try to access on website https://webmail.spintel.net.au, but session 'aged out'. If we set that website to bypass decryption, it worked.

The certificate was issued by RapidSSL SHA256 CA- G3, but it is not on the trusted CA list. How

most stable panos 6?

Hi,

we're planning on upgrading from version 5.0.8 to version 6.x.x. Which version of panos 6 is the most stable?

Thanks.

Dynamic Update Issue?

Our library has a Millenium server, the application is millenium-ils.

It stopped communicating after APP+Threat  release 484 installed.

I rolled back to APP+Threat release 482 and it restored communication.

This morning APP+Threat  release 485 installed

Threat Prevention best practice ?

Hi Commuity,

I'm looking for your tips and hints regarding TP best practices.

(hopefully this newbee question is not too bad :smileyconfused:)

Let me explain our setup:

As a first step to a new IT Security Infrastructure we are running a HA-pair of PA-3

Required: PAN IPSEC Hub best practices for 300 route based IPSEC tunnels

Pan documentation is very weak on large scale mutli-vendor IPSEC hub terminations.   Can someone help out and provide best practices, reference architecture, guides, pitfalls or experiences?

My design goals:

     -  Separate VSYS

     -  Use dynamic ro

Issue with AD integration after OS upgrade.

Hi Friends.

i am facing AD integration issue after PAN OS upgrade OS version 6.1.2. The firewall connection with AD server breaks at random and the AD users disappear from the firewall. After a while the firewall connection with AD server gets restore

WF-500 Configuration Help.

Dear Friends,

I am facing some challenge during the WF-500 configuration. please find the below configuration

MGT FW- IP :- 192.168.1.10/26

GT- IP :- 192.168.1.2 

MGT WF -IP :- 192.168.1.11/26

GT :- IP :- 192.168.1.2

But problem is that, when we are try t

Block Activesync connections for disabled users?

Is there any way to block ActiveSync connections at the FW for disabled users?  I have several users that have left the company and their accounts have been disabled, however they still have ActiveSync configured on their mobile devices trying to con

Can 'admin' account be deleted?

1) We have several PA-3020's running 6.0.1 in our organization with only a few admin user accounts which integrated with AD, so audit wants to know if we can delete the generic accounts like "admin" or "panorama"?   Any negative implications to doing

No traffic in traffic log - VM100

Hi Guys,

Following on from my last post - Site-to-Site VPN - Palo alto to Cisco Router issue

i am experiencing an issue with my PA VM100, there is nothing in the traffic logs....

this is running on VMWare workstation 11

But there is traffic flowing thro

how to handle Google SSL traffic?

Hello,

I am new to PanOS devices, we recently got PA-200 router which is quite different from classic routers. Long story short - my problem is SSL traffic, I am trying to prioritize our traffic since for now we have only 10Mbit link, we have people w