General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

How to report malware

HiI know that I shuld report by WilDFireportal - I did it many times but now I have a problem.hxxp://www.kazevid.com/kSCdM3iIRbrKlZ contains malware reported as Trojan-SPY/Win32.emotet.qz or Trojan/Win32.vbkrypt.ynhg.This email that contains such link looks like:Please report it if You can.When I tryed report is as a file - wildfire complain tha...

_slv_ by L4 Transporter
  • 3702 Views
  • 1 replies
  • 0 Likes

syslog forwarding

I have everything configured to send syslog information from the palo alto to one of our syslog server. My issue is that none of the security policy IP ranges allows me to send the syslog information for a specific IP address that is going out to the internet at least that I can find. Any ideas would be appreciated

jdprovine by L4 Transporter
  • 8528 Views
  • 14 replies
  • 0 Likes

Many users receiving Captive Portal

Dears,We have been facing a lot of users identified by Captive Portal and not via UIA.Does anyone could suggest any troubleshooting/best practices to avoid this kind of behavior ? Thanks in advance!!

Resolved! Vulnerability assessment question

We're having a vulnerability assessment done, and want to make sure that the IDS/IPS part doesn't disable all attempts from the vendors IP addresses, just the application blocking/service blocking.Can I whitelist the 4 IP addresses and put them in a policy saying that for these addresses, do everything normally besides shutdown all communication...

rivkin by L1 Bithead
  • 8724 Views
  • 12 replies
  • 0 Likes

Resolved! user Id issue with active- active HA

Hello Friends,we have 2 firewall active-active HA mode. same LDAP configuration on both firewall. HA Active primary it working fine but secondary is not working. if primary goes down secondary work as a active, its also working fine. but it will not work when the primary will in working mode. Pan OS 5.0.11 it was working fine for both condition...

Satish by L4 Transporter
  • 7715 Views
  • 4 replies
  • 0 Likes

Layer 3 switch behind Layer 3 PA-3020 interface

So I'm new to my PA-3020 and trying to get beyond my basic config has introduced a new problem for me.I have a Layer 3 Cisco connected to my PA eth 1/2 via a routed interface on the switch. My traffic is all working fine now, but I want to make some changes.All my vlans have IP addresses on my switch, and they route via the switch routing table...

GCA by L1 Bithead
  • 5056 Views
  • 4 replies
  • 0 Likes

Poodle Bits Vulnerability

Looking for some guidance on this. I am seeing a lot of Poodle Bits vulnerability showing up on our threat monitor. Digging into the threat, the first item is always showing our current router (192.168.0.1) followed by two different attacker host from OpenX.org. I am not sure what this is referring to. I understand it is a vulnerability related...

jharlow by L3 Networker
  • 2885 Views
  • 3 replies
  • 0 Likes

Resolved! DNS top applications?

I recently installed a PA-500 on our network. Currently it is in virtual mode as I start to understand how to configure the device. One of the things I have noticed is that consistently, DNS is the number 1 application. Second is web-browsing. Just in the past hour, 27.7k sessions for dns and 24.1k for web. Is this typical? We house our own...

jharlow by L3 Networker
  • 5978 Views
  • 2 replies
  • 1 Likes

GUI Bug: Dynamic Source NAT

Hi All,Looks like there is a minor GUI bug in the NAT policy section of Panorama. Do you all see the same thing?Objects:NameAddressEXT_FW_192.168.0.1192.168.0.1/24EXT_FW_5.5.5.15.5.5.1/24EXT_FW_10.0.0.110.0.0.1/24NAT Rule:Translated PacketType = Dynamic IP And PortAddress Type = Translated AddressTranslated Address = EXT_FW_5.5.5.1The section o...

Slow management UI

Hi people,I have a PA-2050 that is extremely slow while navigating the management interface. Why is it so?Thank you for your help//Ron

ron_maiga by Not applicable
  • 5356 Views
  • 4 replies
  • 0 Likes

Resolved! HTTPS response page

Hi Friends,It is possible to enable the response page for HTTPS traffic. if yes then how ??RegardsSatish

Satish by L4 Transporter
  • 5383 Views
  • 3 replies
  • 0 Likes

QoS on aggregate interfaces

Hi All,Are there any tricks to getting QoS enabled on Aggregate ports?I have 8+VLANs running into two physical aggregate ports, that I want to enable QoS on.Possible, or not?

KatanaNZ by L3 Networker
  • 5031 Views
  • 5 replies
  • 0 Likes

BGP Across Two Data Centers

hey all, we have a customer who currently has two PA-2050 nodes setup with HA at one location.they would like to split the pair and have one PA-2050 at Site1 and the other at Site2 ... setup as Active/Standby.There would be two private L2 networks between them - one for the HA/keepalive and the other to tie in the inside interfaces.each pa-2050 ...

RHO by L0 Member
  • 2792 Views
  • 1 replies
  • 0 Likes
  • 24403 Posts
  • 123 Subscriptions
Top Solution Authors
Labels