General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

GlobalProtect Client - connection establishment speed

Hi there,we're experiencing a not-really fast connection establishment from the GlobalProtect client; with client cert and user credentials for authentication.When the computer has been restarted it can take up to 25 seconds. A re-connect later takes approx. 10 seconds.Currenty we're using the CheckPoint Client for VPN (credentials only), and th...

485-2569 Dynamic Updates issue?

Anyone noting a large increase in triggering of following threat ID's after this Update (485-2569) was applied? ( threatid eq 36485 ) - OpenSSL SSL/TLS MITM vulnerability( threatid eq 36420 ) - OpenSSL TLS Heartbeat Information Disclosure Vulnerability - Reverse HeartbleedI've rolled it back as it was dropping a lot of HTTPS traffic for sites th...

jar file blocked by Data Filtering

Hello together,i have the problem that a jar-file would be blocked and categorized as a "Microsoft PE File". The PE Files are blocked by a "File Blocking Profile", thats okay, but jar files actually not blocked in that profile??? And i think this jar file shouldn't categorized as a PE File???Perhaps somebody has similar problems.Any suggestions?...

ITSama by L2 Linker
  • 5004 Views
  • 3 replies
  • 0 Likes

Resolved! I can not access a website

Hello. I have a PA500 with firmware 6.0.7 In the Monitor menu - URL Filtering, I can see that the site is allowed, but the computer can not see. Connected directly to a modem see the page if it is working. How can I solve this problem? Thank you very much.

Panorama Save Devices

Is there anyway to save all devices from Panorama after a commit? I'm currently changing contexts in Panorama to each individual device and saving them that way, kind of a pain.Thanks!

Creating a scheduled report in GlobalProtect to see a VPN logins

Dear all,i have searched for a while now and was reading through the documentation. Unfortunately I didn't find anything.I would like to now if it is possible to get a report created which fulfills the following criteria:- logs all VPN logins done by the users- is sent out automaticly on a given timeThanks and regards,Rene

Rboehme by L2 Linker
  • 1920 Views
  • 1 replies
  • 0 Likes

URL Categorization reference and examples

HelloI'm trying to get information and URLs of examples for the following categories:CategoryActioncheatingallowdead-sitesallowdynamically-generated-contentallowgrossallownot resolvedallowprivate ip addressallowproxy avoidancealertquestionableallowURL/IP Lookup | Webroot BrightCloudThis information is necessary to determine what action to take a...

SOC_CSG by L4 Transporter
  • 4509 Views
  • 2 replies
  • 0 Likes

Resolved! captive portal authentication failed LDAP

Hi ALL,I'm really stuck with this, i spend all day tryng to inderstant why the authentication failed when i'm using LDAP,the configuration seems to be okay,Could you please check,when i try to authenticat with an AD acount , i put abc\sarah and the passwordi get an error that the username and password are incorrectplease fin in attach the screen...

atelcom by L3 Networker
  • 7076 Views
  • 6 replies
  • 0 Likes

HA Active/Passive - Failover issues

Hello,PAN-OS 5.0.8I have a cluster of two firewalls in high availability HA. Today have switched (failover) and I do not understand Why?.And I would like to know what could cause this?I have reviewed the system logs, I do not see previous logs to restart. Is this normal?Can I recover previous system logs to restart?Is there any way to see a hist...

SOC_CSG by L4 Transporter
  • 19028 Views
  • 7 replies
  • 0 Likes

Public Interface - two SSL VPNs and VPNS site-to-site is possible ?

I have one interface external configured with one public IP address and many VPN site-to-site with many customers on this interface and a VPN client for the corporate user. I wish configure new SSL VPN client-to-site for another customer in this same interface . It is possible ? Do you have a manual for this configuration ?best regards ,Paulo Aun

Resolved! Single Public IP Address NAT to 2 Different DMZ IP Addresses Depending on Source IP

Here is the problem to be solved:I have a single public IP address (example: 1.1.1.5) that is currently NATs to a single DMZ address (example: 192.168.1.11). I need to create a NAT rule that will continue to send all traffic on all ports to 192.168.1.11 address unless the traffic is coming from a specific address, for instance 2.2.2.2.In other w...

jlarson by L0 Member
  • 4336 Views
  • 2 replies
  • 0 Likes

Resolved! PA with proxy, user logging in traffic log

Hi there,we’re running the following setup on PAN-OS is 6.1:client-pc|pa-dmz|proxy|internetcitrix-server|pa-dmz|proxy|internetUser-ID Agent is collecting IP>User mapping.We’re logging only Deny events in the traffic log.We want to achieve the following:When User A tries to open a website/app which is not allowed, we want to see in the traffic...

  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels