This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Resolved! Block Threat and URL Filtering Stats

I was trying to find how many threats the PA is blocking and how many URLs it is filtering over a set period of time, so show management how much work these devices are doing.Is there any way to pull this information off the PA?I have a PA-5050 running 4.1.15, a PA-5050 running 5.0.5 and PA-5060 running 5.0.6.Thanks!

Reports that make sense to HR

Do any of you have a custom report that you are willing to share for HR requests? The current report I came up with is okay, but when I sort by Date, it's alphabetical, not chronological. Fri Oct 3 shows before Fri Sept 12. Is there a way to get the date to sort correctly that I'm missing?

Categorisation mismatch Test url categorises but debug dataplane url resolve path doesn't

Hi,Equipment: PA3020, Software: 6.0.2, Filtering BirghtcloudWe have a situation where large numbers of web sites are being categorised as "unknown.". Upon investigation ( case has now been raised with PA), we find that the Test url <url> command will get the correct categorisation. However the user trying to use the same url will be block...

Resolved! IP address used for Common Name in SSL Forward Proxy Cert

I'm getting ready to generate a CSR for an SSL Forward Proxy Cert and I wanted to know which IP address should I use for the Common Name. I would like to inspect SSL traffic that is sourced from both my Trusted zone as well as my DMZ zone.1) Should I use the IP address associated with my Trusted zone?2) If I use the IP address of my Trusted zon...

Resolved! inbound NAT server load balancing

Hello I have 2 exchange server in a DMZ, and I would like apply an inbound NAT with a load balancing like a simple round robin.we need to used a tier load balancer to do that.My question is some of you are interresting in a feature request, to implement a simple feature of load balancing in PANOS?

Gregoux by L4 Transporter
  • 4393 Views
  • 2 replies
  • 0 Likes

Panorama M-100 HA - Adding log collectors in mixed mode

Hi,I'm having a problem with adding the log collectors in a Panorama M-100 HA setup. I have two M-100 appliances, both in mixed mode. HA is configured and is working as expected. The problem is that I cannot get M-100 #1 to connect to the log collector on M-100 #2 and vice versa. (see attached photo)I'm currently running 6.0.2, and both devices ...

torm by L4 Transporter
  • 5847 Views
  • 5 replies
  • 0 Likes

Application Dependency Warnings

We have begun the process of globally allowing some applications for the entire enterprise. At this point, these are (fairly) innocuous applications which are largely dependent on web-browsing / ssl. Two questions:1. When verifying if a dependent application is available, does the firewall check the policy from the top down or just rules belo...

PAN-200 and Active Directory - Part II

PAN-200 Software version: 6.0.1 GlobalProtect Agent: 2.0.4 New domain, built on Windows Server 2012 R2.I'm missing _something_. Setup as below and I cannot login with the domain name account to the VPN. It's got to be one .. little .... thing.Device - Setup - Services - Services Features: Service Route Configuration / DestinationDestination: ...

bdunbar by L3 Networker
  • 6435 Views
  • 9 replies
  • 0 Likes

Paloalto firewall placement

Hi, i have customer who bought 2 paloalto firewall, with threat prevention and url filtering licences and i want some advice for the placement of paloalto in the architecture to ensure the maximum of security and deploy all necessary fonctionnality please find in attach the architecture ,knowing that : ASA is used for :- VPN IPSC- managing inte...

atelcom by L3 Networker
  • 8582 Views
  • 13 replies
  • 0 Likes

IPSEC Tunnel Bandwidth Monitoring

Is there a built in function in PANOS to monitor bandwidth across IPSEC tunnels? I can pull snapshots between IP's using ACC, but does not provide flow history similar to what Network Monitor does. Even setting up QOS only gives me the current snapshot.Would NetFlow be able to monitor tunnel traffic?Thanks,Jim

Dynamic "Allow" Lists possible?

Greetings,I'm migrating from regionalized TMG environment, to a distributed Palo Alto design at a great number of sites. One of the banes of our TMG existence is maintaining a list of allowed internet sites that anyone on the network can get to VIA a trust to untrust policy (Even those non-domain devices). Things like HR sites, retirement, heal...

aklugherz by Not applicable
  • 4078 Views
  • 6 replies
  • 0 Likes

Multiple Admins and what happens with a commit?

Hello,If I have multiple admins working on the same PA, when the second admin logs on do they see the first admins candidate config, or do they get a copy of the running config? When a commit is done, does it commit only the changes the admin makes, or the changes from both admins?I understand that the config lock would prevent the second admit...

eosminer by L1 Bithead
  • 4010 Views
  • 3 replies
  • 0 Likes

WGeneric.dilll threat ID (1270326)

Anyone else getting clobbered with Threat ID 1270326 alerts today?Seems to be firing on attempts to download a flash file.Any/all insights appreciated. Tnx! Tomthreatid:Virus/Win32.WGeneric.dilll(1270326)

TomS by L1 Bithead
  • 4170 Views
  • 6 replies
  • 0 Likes
  • 24379 Posts
  • 123 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks