General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

JayGolf_0-1691518400714.jpeg
JayGolf by Community Team Member
  • 1001 Views
  • 1 replies
  • 9 Likes

Resolved! How to process OSPF in FW?

Hello,

I heard from someone in the past that control plane send ospf hello packet and data plane has routing table.

Is it correct??

OSPF issue occurred in my custom site. So I wonder it.

And what is the different between routing table and FIB?

Thanks.

Upgraded to 5.0.9 ? User Identification stops working?

Hi,

I had 2 PA's running with user-identification using the user-id-agent.

Both have the same config, running 5.0.7

I upgraded both to 5.0.9

one is working fine, the other one does not "see" the user anymore.

Tried the normal stuff: reboot, reinstall, tri

...

paulmeys by L1 Bithead
  • 2431 Views
  • 3 replies
  • 0 Likes

OSPF with 2 tunnel

HI all.

My networks same the figure. ( User VPN and OSPF)

I want use WAN Tunnel is the main path. from Branch to HQ ( only use Interne Tunnel when WAN Tunnel Down).

In OSPF config I set WAN tunnel metric is smaller than Internet Tunnel but when i tracer

...

dat.tran by L2 Linker
  • 1377 Views
  • 0 replies
  • 0 Likes

problem with group membership display in PAOS 5.0

I use the command :"show user group name domain \domain users" , the response from the firewall is :"User group 'domain\domain users' does not exist or does not have members" .

The domain users is the default group for the new user, I think maybe some

...

Resolved! Policy log settings

Hi Pals,

I would like some second opinion on my observation reg. the option 'log at session start' and 'log at session end'. I have tried both options and at the same time monitor the generated traffic logs for each setting. This is my observation:

a)

...

Suhaimi by L1 Bithead
  • 2696 Views
  • 4 replies
  • 0 Likes

Dynamic block list and custom blocked page

Hi,

I am planning to use custom blocked page. So far I have got the logic of creating custom block page and using it in the policy. I would however like to know if I can somehow redirect user to custom blocked page and inform user that his/her access

...

File blocking..

Hi Gents,

I have a Palo Alto 5050 installed between users and my Server Farm.

I configured a security policy to allow access to the File Server, and applied a File type profile to block files such as exe, avi, and FLV.

but the file blocking doesn't work

...

File Types and Applications regarding SSL Decryption

Hi All,

I don't have content Filter License.

am I required to configure ssl decryption to block internet applications or file types?

shall I've a content filter license to configure ssl decryption or not?

Also I'm facing other Issues,

to open internet acc

...

Policies security rules - filtering issue

Hi,

Do you know is there any documentation regarding policies security rules filtering?

I have found some strange behavior for filtering. Examples below on the screenshots are from Palo Alto testing firewall (sv 5.0.6). As it can be seen, if I use fil

...

Monitor traffic - filtering issue

Hi all,

we have noticed inconsistency in PAN OS 5.0.8 and 5.0.9, compared to 4.1.9, related to monitor traffic filter. In older version message box pops-up in case filter is not properly defined (i.e. if there is syntax error), which is fine and helpf

...

Active/Active traffic log.

Hello

I knew session owner generate traffic log.

Does session setup device generated traffic log  If a session is denied L4 processing before L7 processing???

Network Diagram

Router#1(Power-OFF) ------ Router#2(Power ON)

            |                     

...

Resolved! use GlobalProtect for Network Logon

Dear,

Is it possible to use GlobalProtect with pre-logon enabled as a "Network Logon" for Windows?

This way I want to use the GlobalProtect to tunnel the domain-login request to our AD when the pc is on the road.

Ultimately we want to use this for users

...

mr.linus by L4 Transporter
  • 3093 Views
  • 8 replies
  • 0 Likes

Resolved! L3 deployment with dynamic IP and DMZ (NAT and PBF required?)

Dear all,

I'm trying to move from my initial vWire deployment to L3 in order to get rid of my SSG5. Later on I'll also get rid of my SA-2000.

Current layout:

ISP (dynamic IP) - PA vWire - SSG5 - PA vWire - Intranet

                                       

...

Top Liked Authors