General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Threat Vector, a Unit 42 Podcast, is Now on LIVEcommunity!

We have some exciting community news to share: Threat Vector, a Unit 42 podcast, is now on LIVEcommunity!

 

Threat Vector is your compass in the world of cyberthreats. Listen to this biweekly podcast to learn about unique threat intelligence, cutting

...

jforsythe by Community Team Member
  • 83 Views
  • 0 replies
  • 0 Likes

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question. Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

JayGolf_0-1691518400714.jpeg
JayGolf by Community Team Member
  • 3328 Views
  • 2 replies
  • 14 Likes

Resolved! What SSL/TLS versions are allowed for WEBUI

Hello,

I'm trying to verify which SSL/TLS versions and Ciphers the PANs accept for WEBUI connections.  Specifically I am trying to verify that it does not accept connections using weaker Protocols or Cipers and if it is configurable.

Please note that

...

Netflix application rolled in to web-browsing?

Last week I ran an ACC report for the top 25 applications.  Netflix was #3 (university environment, so it's to be expected).  Today, I ran the same report and Netflix (as an application) is no where to be found.  I launched Netflix on my computer to

...

bhelman by L2 Linker
  • 2866 Views
  • 3 replies
  • 0 Likes

Resolved! App-ID for Apple iOS Update

Hi All,

I'm preparing for tomorrow's iOS8 update.  Last year with iOS7, we got slammed on bandwidth.  This year now that we have the Palo Alto, I'm configuring QoS so that the iOS update doesn't eat all of our bandwidth.

Does anyone know what App-ID th

...

wocomike by L1 Bithead
  • 5061 Views
  • 5 replies
  • 0 Likes

User-ID IP mapping

Why does some traffic in the logs not have a user tied to the IP address at times even tho in the logs the IP has a user mapped to it most of the time.  This is causing policy to be dropped down to a different level.

markk96 by L3 Networker
  • 2483 Views
  • 5 replies
  • 0 Likes

Issue with static routes.

I look after a PA2050 running OS 4.1.8

I am trying to setup 2 new static routes in my virtual router but they are not being picked up when I do a show routing route or show routing fib after a commit.

One of the routes is a new one and the other is a r

...

phild by Not applicable
  • 5525 Views
  • 12 replies
  • 0 Likes

Resolved! How to remove an address-group member via XML API

Hi,

I would like to remove a single member from an address-group, here is the query I am sending:

https://firewall1.it.mydomain.net/api/?type=config&action=delete&xpath=/config/devices/entry/vsys/entry[@name='vsys1']/address-group/entry[@name='NameOfTh

...

Alextc by Not applicable
  • 4705 Views
  • 3 replies
  • 0 Likes

PAN in Layer 2 mode and Microsoft NLB

Hi!

Customer configured Palo firewall to work in Layer 2 mode to protect VLAN. In that VLAN there are two servers in MS NLB configuration. In VLAN configuration in Palo, static MAC entry is configured for virtual MAC address, but that entry isn't disp

...

mkopcic by L2 Linker
  • 3944 Views
  • 4 replies
  • 0 Likes

Resolved! App and Threat Compatibility MisMatch

Hey there,

I have 2 PA-500's currently on:

Software Version6.0.2GlobalProtect Agent1.2.3Application version461-2402 (10/14/14)Threat Version461-2402 (10/14/14)Antivirus Version1391-1863 (10/13/14)URL Filtering version4392

Software Version6.0.2GlobalProt...

Zewwy by L2 Linker
  • 5938 Views
  • 9 replies
  • 0 Likes

Resolved! PA-5020 Fans?

Just checking to see if this is normal.

I got a report today that the fan speed on our PA-5020 will speed up at random times, and calm back down. It's loud enough people can hear it outside of the closet.

Is that normal?

mharding by L4 Transporter
  • 2421 Views
  • 2 replies
  • 0 Likes

SSL Decryption

Hello,

We have quite a few students using hotspot shield and other tunneling apps to get around our filter. I've been successful in block a majority of them by blocking the hotspot shield app. However there are still a number of them getting though by

...

cpkaiser by Not applicable
  • 2884 Views
  • 5 replies
  • 0 Likes

Resolved! Can not check Forward Trust Certificate

Hi All,

My device is PANOS 6.0.5;

I have a problem with Certificate configuration.

On my device, I generate a Certificate follow How to Generate a CSR(Certificate Signing Request) and Import the Signed Certificate;

After, my 3rd party CA issue complete,

...

Certificate Bundle

Hi,

I'm get error on commit: "Warning: cannot find complete cerficate chain for certificate Certificate_Bundle"

I notice there are three bundles in the device certificates, but how do I know which bundle is being used?

How to I test this without breakin

...

asabadin by L1 Bithead
  • 3726 Views
  • 6 replies
  • 0 Likes

How to read SNMP Values from VPN-Tunnel-Interfaces?

Is it very easy to read SNNP Values from physical interfaces:

Connect the SNMP Browser to the PA

Set the right Community password:

PA shows you the interfaces - but only the physical IFs.

How to read SNMP Values from VPN-Tunnel-Interfaces?

Roman

See: Palo

...

rkra by L2 Linker
  • 2149 Views
  • 4 replies
  • 0 Likes
  • 24125 Posts
  • 100 Subscriptions
Top Solution Authors
Labels