General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! PA sending TCP RST

Hey folks,I've run into a following issue. We have a Juniper MAG box communicating with a web server and a rule in place allowing this communication (source Juniper, destination any production IP, on any port). I can also see in the traffic log that the communication is accepted. However when I did a packet capture on the FW I saw the following:...

URL Logging - Best Practises?

What's the recommendation on the best way to configure a Palo Alto to log URLs visited during regular browsing?We have various categories set to block which are of course logged but I've never quite got my head around the logic of setting something to "alert" when actually I don't want to see it in the URL logs, but I do want it logged - if that...

6.1.1 performance issues?

Has anyone encountered any throughput issues with 6.1.1? I have NOT had any issues until Friday.Installed a PAN200 in vwire mode for a client eval / AVR. Their throughput to the internet was 44mbps before PAN. Through the PAN, it as cut down to 8mbps. Removed PAN and it went back up to 44mbps. With other PAN200s on 6.1.1, I am getting 50+ on the...

SDorsey by L4 Transporter
  • 3874 Views
  • 3 replies
  • 0 Likes

Is User-ID Agent Appv5 compatibility with PAN-OS V6?

We have a new PA-3020 running on version 6 and I'm using our old Windows User-ID agent running on version 5 that are currently operational in our environment. I've configured PA-3020 to connect with the User-ID agent but I'm having an authentication issuePAN-3020> show user user-id-agent state allAgent: ad-agent(vsys: vsys1) Host: 10.2.2.2 (1...

Global Protect Gateway License

Just a question about Global Protect Gateway License. Currently we're planning to deploy PA-5050 for our Data Center Infrastructure. Is Global Protect Gateway License is a requirement? For what I've understand, this is only a requirement if you're going to use remote access or SSL VPN but since this is only for our internal security and no remot...

Resolved! XML reports in Email Scheduler?

I know you can export a report as an XML manually but when you create an Email Scheduled report I don't see any options.Are emailed reports only in PDF or is there an option somewhere to select this?Thanks!

Dz3015 by L4 Transporter
  • 2610 Views
  • 1 replies
  • 0 Likes

PAN2050 data stops when global protect client downloaded

Has anyone seen this issue? We have had this issue for months with no relief and am at my wits end. Forgive me if my frustration comes through......what happens is this:A remote user will login to VPN web page and click the link to download the GP client then..... *poof*! All traffic in every direction stops. ALL the PAN layer 3 interfaces stop ...

OSPF over VPN

Hello,is it necessary to use Numbered Tunnel-IP confuguration when running OSPF over a VPN line?Roman

rkra by L2 Linker
  • 2760 Views
  • 2 replies
  • 0 Likes

Resolved! show config running output

on a local firewall, the output of the show config running output has some encrypted data that does not seem to be a certificate. No --begin certificate-- or --end certificate-- .Does anyone know what this encrypted data is? I thought it might be the licenses installed.

Monitoring A/A HA status and session sync

How have folks setup automated monitoring of HA status and session sync?We see HA instability on a 5060 A/A cluster during periods of high load. The boxes get too busy to respond to HA messages, lose heartbeat, and start to think the links have failed. Normally, they recover automatically when the load decreases. But this weekend, we had a cas...

Resolved! PAN-2020 Management access issue.

Hi Friends, One of my PA-2020 , OS 6.0.4 have some issue. we are not able to access the management port through Console port, web interface and CLI and also not able to ping. if we are hard reboot the firewall working fine. i have got same issue frequently last 10 days. any one have idea about it please share the info. Thanks Regards Satish

Satish by L4 Transporter
  • 4247 Views
  • 6 replies
  • 0 Likes

Resolved! download PAN-DB Error

Dear Friends, I am try to download PAN-DB for URL but i am getting below error. please suggest. PAN-DB list Loading Failed (ERROR: SSL Connect Error)

Satish by L4 Transporter
  • 15024 Views
  • 30 replies
  • 0 Likes

If security policy has associated profile and/or application is subject to content inspection, setup content inspection session

It is mentioned in policy look-up: If security policy has associated profile and/or application is subject to content inspection,setup content inspection session.what are those applications which are subjected to content inspection?what is checked first app-id or content ID-- In My view it should be app id. Please correct if I am wrong here.How ...

vsingh by L2 Linker
  • 2753 Views
  • 2 replies
  • 0 Likes

Resolved! BrightCloud URL Database Not Reachable

Anybody else having issues with the BrightCloud database not being reachable?Get the following error message in the system log...Cannot receive data from 'service.brightcloud.com:80' to download BrightCloud URL databaseThanks,Al

almay by L2 Linker
  • 4788 Views
  • 3 replies
  • 0 Likes
  • 24401 Posts
  • 123 Subscriptions
Top Solution Authors
Labels