General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 419 Views
  • 0 replies
  • 2 Likes

Monitoring Attacks in real time

Hi,

I'm wondering if there is another way instead monitor tab to monitor attacks in real time.

Does anyone else thinking about it?

Leonardo Dias

ldias by L0 Member
  • 3371 Views
  • 6 replies
  • 1 Likes

SSL Decryption and Cisco Jabber client

We currently use Cisco Webex for desktop sharing, video conferencing and IM. Our environment has mostly people using the old Webex connect client and a few 'pilot' users of the Cisco Jabber client.

Recently we implemented SSL Decryption and everything

...

Proxy ID's question

Can someone clarify Proxy ID's for me? From what I see they're the same thing as encryption domains? What is the syntax, does it have to be one to one: ie SIP 1.1.1.1 DIP 2.2.2.2

                                                                        

...

dvlacic by Not applicable
  • 3696 Views
  • 2 replies
  • 0 Likes

Bulk Apply Profiles

Hi All,


Is there any way to easily bulk-apply a threat prevention profile to a large list of Security Policies?  Maybe through the CLI?  We have about 600 security policies that do not have threat prevention turned on.  I'd like to do so, and have the

...

wocomike by L1 Bithead
  • 2981 Views
  • 4 replies
  • 0 Likes

Problem with incomplete application

Hi all,

I have the same problem with incomplete application.

!Public zone! <====> PAN Firewall <====> INSIDE Firewall <-----> Server IP.

I have nated Server IP to Public ip, and configure rule like the below.

Name: (Ping) ; Src zone: (public); Src: (any)

...

Resolved! How many to need for HA3 links?

Hello,

I'm going to install two PA-3050s with A-A deployment.

Based on datasheet, throughput of only app-id is 4Gbps.

How many to need for HA3 links? four links? more?

I wonder how to calculate for it.

Do you have recommendation?

Please let me know it.


Than

...

Resolved! DPD check

Hello,

Is there any CLI commands to check if Dead Peer Detection (DPD) is receiving/sending keepalive packets to the remote VPN peer ??

Regards,

HA

licenselu by L4 Transporter
  • 2903 Views
  • 2 replies
  • 0 Likes

Threats blocked by Wildfire.

How do you distinguish when a threat is being denied or blocked because of Wildfire, versus the standard antivirus definitions in the PA firewall?

Netwerx by L2 Linker
  • 1762 Views
  • 1 replies
  • 0 Likes

Throughput of an Active/Active HA pair

I believe that in an active/active HA pair the total throughput is equal to the performance of a single box, not the sum of both boxes.

For the PA-5050, the throughput for an Active/Active HA pair is 5Gbps with threat prevention.

Where is this document

...

Resolved! PA with Two ISPs NAT

Dears,

We have four zone in the PA. The naming along with subnet are below mentioned.

1. ISP1- 100.100.100.2/29

2. ISP2- 200.200.200.2/29

3. DMZ1- 172.16.1.1/24

4. DMZ2-172.10.1.1/24

5. Inside- 10.10.10.0/24

Inside user are going to internet via ISP1 and IS

...

User ID Agent

I deployed a Windows 2008 member server and installed User ID Agent 5.06 to match the code of my PAN's.  I had everything working on, I was getting user ID's and everything I needed, but the issues was how much traffic the user agent generated over t

...

markk96 by L3 Networker
  • 2316 Views
  • 1 replies
  • 0 Likes
  • 23695 Posts
  • 110 Subscriptions
Top Solution Authors
Labels