General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Threat Vector, a Unit 42 Podcast, is Now on LIVEcommunity!

We have some exciting community news to share: Threat Vector, a Unit 42 podcast, is now on LIVEcommunity!

 

Threat Vector is your compass in the world of cyberthreats. Listen to this biweekly podcast to learn about unique threat intelligence, cutting

...

jforsythe by Community Team Member
  • 321 Views
  • 0 replies
  • 0 Likes

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question. Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

JayGolf_0-1691518400714.jpeg
JayGolf by Community Team Member
  • 3677 Views
  • 2 replies
  • 14 Likes

Suspicious DNS Query

Hi All -

Looking through my threat monitor and I am seeing a lot of Suspicious DNS Query entries in there.  I have two internal DNS servers, and the entries are for both of them -- the drop-all-packets action is being taken, so it's good the PA is sto

...

Resolved! Clear the threat pcap database

Hey all,

Is there a way to clear the threat pcap database?

We are running PanOS 5.0.x so the pcaps are not automatically overwritten, and we get the message saying our daily packet capture limit has been reached.

We have turned off pcaps on the security

...

mr.linus by L4 Transporter
  • 4019 Views
  • 3 replies
  • 0 Likes

Basic GlobalProtect Walkthrough

Hello,

New customer here, currently working my way though configuring the various parts of the firewall...

At the moment, I'm working on User VPN, and I'm finding it difficult to find clear step-by-step documentation. I did manage to make an SSL vpn co

...

Skype manager custom application

Hello,

I'm actually blocking skype application but I would like to allow skype manager web site (https://manager.skype.com/).

The web site manager.skype.com is blocked because recognized as skype application.

The idea is to build a application that allo

...

Dropbox uploading

For dropbox on the web.  I need to block uploading, this works with chrome, ie.  but with firefox if i create a File-Blocking policy with the following. Firefox will not stop the dropbox upload.  IE and Chrome will.

Any application upload block

applic

...

markk96 by L3 Networker
  • 2171 Views
  • 4 replies
  • 0 Likes

Terminal Server Agent

Is there anyway to import a list of Terminal Server Agents installed to the firewall?

I have about 250 Terminal servers.

markk96 by L3 Networker
  • 3106 Views
  • 4 replies
  • 0 Likes

Resolved! CLI listing of all Security Policies

We are trying to reduce our unused Security Policies.  We created a custom report to show Security policies run in the past 30 days.

I would like a listing of all Security Policies and then remove the Policies that have not been run in 30 days.  I am

...

Jshively1 by Not applicable
  • 6856 Views
  • 5 replies
  • 0 Likes

PAN failover causes Cisco issues

Hi Guys,

Has anyone seen the PAN causing an issue with Cisco ASAs when doing a failover? I don't have much details yet but wanted to see if anyone has seen this or something similar.

Thank you in advance.


x by L1 Bithead
  • 4059 Views
  • 7 replies
  • 0 Likes

security policies: application vs service

how are application and service treated in a given policy?

multiple apps in a policy?

multiple services in a policy?

apps and services in a policy?

how are the different scenarios and'ed or or'ed?

Thanks

David

Resolved! Is it possible that traffics go on each other sub-interfaces with same physical interface?

Hello.

I want to make the following network-diagram. Is it possible?

A Cisco Nexus              Paloalto

VRF-1 ----------------------> eth1/1.1 | 1.1.1.1 | VR : default | trust

                 tag 10                                |

                     

...

Can I make custom application from MIME type?

Hello,

I want to make custom application(or vulnerability) from MIME type.

EXE of MIME Type is 'application/x-msdownload'

So I made two customer applications as the following patterns.

1. application/x\-msdownload

2. \x61 70 70 6c 69 63 61 74 69 6f 6e 2f

...

Resolved! SSL Ciphers

Does anyone have the ciphers list to configure on ISS and Apache that will fully support decryption? We're running PAN-OS 6.0.

mharding by L4 Transporter
  • 4256 Views
  • 4 replies
  • 0 Likes

Resolved! GlobalProtect Gateway on Different IP address

Let's say we  have an external facing interface  Ethernet1/3  with  Ip address of 1.1.1.14/28.   The upstream isp router is 1.1.1.1 all other addresses (1.1.1.2-1.1.1.14) are routed to the Palo Alto and in use for various web services, etc..

Per the d

...

travisj by L2 Linker
  • 4476 Views
  • 4 replies
  • 0 Likes
  • 24192 Posts
  • 100 Subscriptions
Top Liked Authors
Labels