General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

PBF

What is the impact on firewall if we use only pbf instead of routing. how cpu intensive it can be? Is it a better option than routing, as in routing we are using fib table in the dataplane.

Westcon2 by L3 Networker
  • 3963 Views
  • 3 replies
  • 0 Likes

NAT - Tips and Gotchas?

PAN-200PAN OS 6.0.0.I've been directed to implement NAT on our PAN-200. Given that this will disrupt current traffic, I've scheduled tomorrow night to make it happen.I'm reading 'PAN-OS Administrator's Guide Version 6.0' - it seems reasonably straightforward.I'm about to dive into 'Understanding NAT-4.1-RevC'.Are there any gotchas, problems, bo...

bdunbar by L3 Networker
  • 4561 Views
  • 5 replies
  • 0 Likes

How can I change the language of GlobalProtect agent?

Dear all,GlobalProtect agent will select it's language automatically after version 2.0.0, sometimes customer want to use the specific language, e.g. English, how can I do? If anyone know that, please share me your experience, many thanks,Sample.

Sample by L1 Bithead
  • 8501 Views
  • 8 replies
  • 0 Likes

Resolved! Filter traffic from mobile devices

Hi,I was wondering if anyone has an idea on how to filter traffic coming from mobile devices. My scenario is that on our (open) guest wifi I would like to enable our users to do pretty much what they like from their mobile phones etc. but not let them have the same freedom just by undocking their laptops. Since we don´t pre-authenticate them to ...

mgusta by L2 Linker
  • 10072 Views
  • 12 replies
  • 0 Likes

Category Blocked, one site in Whitelist

Hi There,i my specific example i blocked the category Online-storage and Backup but white-listed www.slideshare.net. But apparently slideshare.net looks like crap. I guess it's because of restrictions fromthe category but not pretty sure.The site seems to have problems with CSS cause i can see the content, but without any style. Anybody of you e...

MFB123 by L1 Bithead
  • 11621 Views
  • 12 replies
  • 0 Likes

Panorama Commited configs

I have an issue to where when I go to export configurations it shows last commited config from 6 months ago ;however, there have been several commits executed. Is this a bug ?

Resolved! cache poisoning issue

we are planning to deploy more Palo alto devices throughout our enterprise and were thinking of removing our existing Cisco ASA's. Our Cisco rep got word of this and met with us on why we should still keep the ASA's and go with their new products. He mentioned that the Palo Alto device is susceptible to the use of cache poisoning to bypass its s...

Resolved! Wildfire Alerts Seem too quiet

Hello all.Just a sanity check question - I am wondering why my WF Alerts seem to have slowed to nothing the past few days, when normally we get at least one and usually more.My fear is because of the holiday season, the folks dealing with Wildfire are off. Perhaps it's paranoia, but I am wondering if anyone else has experienced a sharp dropoff i...

JKennedy by L0 Member
  • 3169 Views
  • 2 replies
  • 0 Likes

Mgmt webgui kicks me out since panos 6.0

Wanted to see if anyone else has had this issue. Ever since our clients have been updated to PANOS 6, the webgui will periodically kick you back to the login screen. This seems to happen in both Chrome and FF. It still happens with 6.0.4. We see this on 200s, 500s, 2000s and 3000s. Has anyone else run into this? Is it a known bug?

SDorsey by L4 Transporter
  • 8388 Views
  • 12 replies
  • 0 Likes

How to catch computer that is trying to 'cheat google'

Hi,I have a 2050 in tap-mode connect to a customers network, this to try and catch on or several computers that are trying to alter google statistics.The problem is that google give all the users a captcha before the can do any searches. Any one have any recommendations in how to filter out this traffic? RegardsHugo

NTP Vuln - Cert VU#852879 / CVE-2014-9295

Network Time Protocol Vulnerabilities | ICS-CERThttp://support.ntp.org/bin/view/Main/SecurityNoticeaccess.redhat.com | CVE-2014-9295http://arstechnica.com/security/2014/12/attack-code-exploiting-critical-bugs-in-net-time-sync-puts-servers-at-risk/

My Wish for Christmas - Commit Confirmed Feature

We are newish to Palo Alto, and always working remote ( I’m based in a NOC ), other vendors have the feature were its possible to commit a config and if this is not confirmed after a period of time, the config rolls back. I cannot tell you the peace of mind this gives us that in the worst case scenario we will not find ourselves locked out of ...

wingnut by L0 Member
  • 2393 Views
  • 2 replies
  • 0 Likes

QoS Configuration for Small Upload Pipe

I am configuring QoS on a PA200 for a remote site that only has a 768Kbps upload pipe. When it comes to PA and QoS, there are a ton of config options. I just want to make sure I am configuring the correct ones.These are my goals:- RTP traffic(for VoIP and Video Teleconferencing) to have the highest priority of all traffic. When the pipe is co...

jambulo by L4 Transporter
  • 3906 Views
  • 2 replies
  • 1 Likes
  • 24404 Posts
  • 123 Subscriptions
Top Solution Authors
Labels