General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Is there a similar service like IP SLA so the firewall can change default routes as a result of a certain condition

I was just curious...if I have 2 internet feeds but am not peering - I use ip/SLA to guanratee service. If a ping to 4.2.2.2 fails, it drops the current default route and the other default route with the higher AD is the active default route.Is there something similar to this in PAN-OS?

DNS not DNS? Strange UDP 53?

I am seeing a huge amount of traffic outbound from my DNS server that seems to be being dropped by the firewall. Its being dropped because my application rule says "allow DNS server to talk DNS to the internet", it doesn't match that (because its not DNS application according to PAN) and so its dropped.Whats happening is that there is a large am...

Andy_K by L1 Bithead
  • 6873 Views
  • 6 replies
  • 0 Likes

Inconsistent documentation on zone protection

Hello,Palo Alto's documentation is inconsistent on the behavior of flood protection when it is applied by a zone protection policy.1) "Threat Prevention Deployment Tech Note - Version 2.0 RevA", page 44 says that the zone protection based flood protection applies per source-destination-port tuple:"Configure Flood Protection settings based on the...

Resolved! Source and Destination NAT at the same time

HalloBefore going to my question, please assume the following scenario:There is a Non-Palo Alto Firewall in internet (lets call it FW-Extern). There is another Non Palo Alto Firewall inside my network (lets call it FW-intern). The FW-Extern initiates IPSec VPN to FW-Intern. The VPN connections are always initiated by the FW-Extern in the directi...

Pa VPN IPsec

Hi,i have a question regarding the VPN IPsec on Paloalto , is palotlo must be in front end when configuring the PARegards,Sarah

atelcom by L3 Networker
  • 4467 Views
  • 7 replies
  • 0 Likes

Resolved! URL filtering - incosistency with online BrightCloud database

Hello.A while ago website www.rk-celje.si was recognised as malware-site. But in last couple of months the website seems to be clean and online BrightCloud lookup (URL/IP Lookup | Webroot BrightCloud) recognises it as 'Trustworthy' and categorizes it correctly as 'sports'But PA device using BrightCloud for URL filtering keeps saying it's malware...

santonic by L6 Presenter
  • 4323 Views
  • 3 replies
  • 0 Likes

Resolved! Sophos HIP Requirement for GlobalProtect

Trying to add Sophos End Point Security and Control as a HIP requirement to be installed for users connecting with GlobalProtect. Sophos End Point Security and Control is not showing up as a vendor in the list. Sophos Antivirus is in the list but is not recognized and fails the HIP requirement when connecting. Has anyone seen this issue?

ddavis1 by Not applicable
  • 5667 Views
  • 2 replies
  • 0 Likes

Resolved! IPS - new signature's action set to default instead of the action specified in rule

Hello.I have a general IPS profile with a rule (named block-crit,high) which includes all signatures with severity 'critical' and 'high'. Action for the rule is set to 'block'. I have automatic updates on for IPS signatures. Yesterday a new signature (OpenSSL SSL/TLS MITM vulnerability) was released with severity critical. When I checked my IPS ...

santonic by L6 Presenter
  • 16811 Views
  • 19 replies
  • 1 Likes

Scansafe to PANDB URL Category Mapping

Hi All,I'm searching for the mapping between Scansafe and PANDB URL categories.Scansafe categories to be found here:Web Filtering Categories - CiscoThanks for any input you can provide.Stijn

sdw by L1 Bithead
  • 4866 Views
  • 5 replies
  • 0 Likes

Response Pages Customized not working

Hi,i have customized a response page for application blocking. I have uploaded my customized page in "shared" and enabled But i try to access to any app not allowed like facebook and the page is not being showed...my PANOS is 6.0.4thanks

SOC_CSG by L4 Transporter
  • 6429 Views
  • 12 replies
  • 0 Likes

Wildfire Email Link Analysis

Hello,I have a question regarding this new functionnality for PANOS 6.1.0 version.One of my customer has tested, but he doesn't get an email when a suspicious link in an email is send/received by users.So I tested on our lab, and I have the same behavior. I use the informations from WildFire Email Alerts: Subscribe or Add Additional RecipientsIt...

rled by L1 Bithead
  • 10575 Views
  • 15 replies
  • 0 Likes
  • 24401 Posts
  • 123 Subscriptions
Top Solution Authors
Labels