General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Replace Panorama Virtual Disk

Hi All,we are running a fresh installation of Panorama VM and need to allocate more space for logging & reporting.This scenario is well explained in the Panorama Admin Guide on Page 163 ff. but we are wondering if it is neccessary to export and import the System Logdb or could we just skip this Step? What will be the possible consequences be...

Management profile setup on the outside interface for remote management, Panorama not communicating.

I have a management profile setup on my outside interface at a VPN site for remote management. I have my in-band management port settings set to blank fields. Panorama doesn't establish communication with this firewall.I am wondering if it is because the management ip information is blank, or do I need to configure something else to allow Panor...

Layer 3 Stops Passing - All PanOS versions incl. 6.1.3

I have opened this with TAC a while ago but I continue having issues with Layer 3 not passing through the untrust/internet interface at random times. I have had this happen 5 to 10 times on different PA-200's. Some have repeated. I was hoping a firmware upgrade to 6.1.3 would finally fix this but yesterday one of my first 6.1.3 units locked u...

dusk2dusk by L1 Bithead
  • 12614 Views
  • 13 replies
  • 1 Likes

how to Evaluate PA 7.0.0 on v sphere VM100

Hi All,Can some help me how to Evaluate PA 7.0.0.1. I have installed VM 100 series with PA 7.0.0 on vshere environment.2. I have PA 5050 with PA 6.0.10 in production network.3. How to check ACC on my VM 100 series with PA 7.0.0.4. How traffic traps can be processed through VM.

KMallela by L2 Linker
  • 2936 Views
  • 1 replies
  • 0 Likes

How to convince PAN to know UID mapping for all vsys

Hi,We use multi-vsys and XMP API for UID. It works fine for vsys1. We use this sintax for login:<uid-message> <version>1.0</version> <type>update</type> <payload> <login> <entry name="user1" ip="10.1.1.1" timeout="20"> </entry> </login&gt...

segap by L1 Bithead
  • 3556 Views
  • 2 replies
  • 0 Likes

Resolved! New Logjam Attack

Hi,a new leak was found in diffie hellmann...http://arstechnica.com/security/2015/05/https-crippling-attack-threatens-tens-of-thousands-of-web-and-mail-servers/https://threatpost.com/new-logjam-attack-on-diffie-hellman-threatens-security-of-browsers-vpns/112916(german) http://www.heise.de/newsticker/meldung/Logjam-Attacke-Verschluesselung-von-ze...

Hithead by L4 Transporter
  • 7854 Views
  • 4 replies
  • 0 Likes

App downloading issue for wi-fi mobile users

Dear Friends,Need your suggestion for below issue.PAN OS 6.0.9Unable to download app from play store thru mobile.There have wi-fi environment, when mobile (smart phone ) users connected thrue wi-fi, he is able to browse internet but not able to download any app from google play store. security policy like source wi-fi zone destination untrust a...

Satish by L4 Transporter
  • 6469 Views
  • 8 replies
  • 0 Likes

Is possible create a custom admin role with a specific filter?

This question is for administration of PANORAMA and PALOALTO.I want to know, if is possible to create a custom admin role with a specific filter. For example, If I make a admin role for vsys or device group and check Monitor-Logs-Threats I want to that the users of this role only can view the logs of virus and wildfire, and the other threats the...

aromero by L1 Bithead
  • 3942 Views
  • 2 replies
  • 0 Likes

how to block UNKNOWN url category

how to block UNKNOWN url category on PA 5050.tddmwwnnowxo.com is unknow url category so PA URL DB allowed into my network. How to block unknown category.If we block unknown category will it affect any new urls which is not register in PA URL DB

KMallela by L2 Linker
  • 3956 Views
  • 2 replies
  • 0 Likes

DNS Proxy

Hi,Can someone post and example of how they set up their dns proxy?

Ifsnbpt1 by L0 Member
  • 6117 Views
  • 7 replies
  • 0 Likes

How can I be notified of failed hardware via email, snmp or syslog?

Hello everyone,We have experienced a FAN failure on our PA-500 and had the red led for the fan and a red fault led (but no idea for how long) - As we wasn't notified of this hardware failure. So my question is how can I set the Palo up to notify me of hardware issues either via Email, SNMP or syslog or all 3. Can some let me know how I could se...

Can I block files by signature?

I had a client ask if I could block files by hash. Without additional information -- such as what protocol, application, host, user-agent, etc. -- it wouldn't be possible to do this with a threat signature, so how else could it be done?Cheers,Coreymlutgen Brad Spilde

Resolved! Panorama doubts.

It is possible to edit a rule placed on the firewall through the panorama, because I can not edit rules coming panorama, directly on the firewall.

  • 24396 Posts
  • 123 Subscriptions
Top Solution Authors
Labels