General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start VPN from C# or script

Hello!Is there a way to instruct the Windows GlobalProtect Agent 2.0.3-5 (that ist completely configured for the current Windows User) to Start the VPN from C# (or from within a script)?Thanks for any Ideas, Jürgen.

Firewall he is covering under some vulnerability

Hi friends,Need suggestion Actually when auditor running Vulnerability scaner tool then on Firewall he is covering under some vulnerability> Upgrade to the latest version of OpenSSL> Use a strong key> Disable SSL support for weak ciphersSo for the current version of Firewall customer has 6.0 version software then is this version is fr...

Satish by L4 Transporter
  • 2763 Views
  • 3 replies
  • 0 Likes

DSCP marking over ipsec VPN

Hello,I inherited a network with 4 sites connected together via 3 PA-500's and a PA-2020. We have implemented Lync for VOIP and I'm having issues getting packets to retain their tags across the VPN (internal to the tunnel is all I want) I can't seem to find any documentation talking about DSCP/COS/IP Precedence tags anywhere in the documentation...

traty by Not applicable
  • 7688 Views
  • 4 replies
  • 0 Likes

Filtering Systemlog

I'd like to filter the log in order to get lines containing e.g. "BSS".It works when filtering the description column : ( description contains 'IKE protocol IPSec SA delete message received from peer. SPI:0xAB229BB0.' )It works when filtering the object column: ( object eq P1_012_BSS_EISEN )It does not work when filtering with "CONTAINS" ( obj...

rkra by L2 Linker
  • 3322 Views
  • 2 replies
  • 0 Likes

Packet capture filters

Hello.Does anyone else have problems with defining filters for packet capture in WebUI?If I understand correctly (there is no info about this in official documentation) all values in the same filter are logically connected with 'AND' operator. And logical operation between different filters is 'OR'.So if I want to monitor all traffic between 2 h...

santonic by L6 Presenter
  • 7611 Views
  • 6 replies
  • 0 Likes

Can not access management by WebUI

I can not access palo alto by web management https://xxx.xxx.xxx.xxxWhen I login,it redirect to page login again.I can access ssh and I see patition root is use 100%.

BaNk by L1 Bithead
  • 4264 Views
  • 2 replies
  • 0 Likes

ssl decryption certificate

HI FRIENDS,Now days i am facing a challenge ssl decryption certificate. i have a create a ssl decryption policy for block few App -ID after SSL decryption we got certificate error client side any suggestion???RegardsSatish

Satish by L4 Transporter
  • 4665 Views
  • 7 replies
  • 0 Likes

Resolved! Panorama template push on production devices

I have an environment where there are Palo Alto firewalls already deployed and in production (mix of PA-200's & PA-500's), I am building the templates but I want to make sure that when I push them out the templates won't wipe out the management interface settings or settings that are left blank in the template on Panorama. I have looked thro...

ericv by Not applicable
  • 22276 Views
  • 4 replies
  • 1 Likes

AD interation and recently created user - problem

HelloI'm using user ID with agents on DC. Today I got strange problem.I created new user and I try to logon to GP portal and user GP client. Everytime I got in logs invalid username or password.I know:>debug user-id refresh group-mapping all (non-intrusive command)This command will only fetch the delta/ difference value from the active direc...

_slv_ by L4 Transporter
  • 3011 Views
  • 2 replies
  • 0 Likes

TS Agent 6.0.3 on Windows Server 2012

Hi all,this is my environment:PA3020 PANOS 6.0.23 Terminal Servers running on Windows Server 2012 R2 Datacencer, each one having PA TS Agent 6.0.3-8 onboard.Documentation states that Windows Server 2012 is supported by TS Agent starting from 6.0.2, it's been a very long time I was waiting for this, till now I've tried previous versions of TS Age...

Resolved! User Identification

Hi all,I'm just trying to wrap my head around the finer points of using the built-in user-id agent to query our AD logs instead of having a user-id agent on each DC. I've got this working in our environment, but I'm having a few connect-server-monitor-failure events come through. n I still have the connect frequency set to the default 2 seconds...

QoS Best Practices - complete concept/configuration - big picture for QoS

Hi there,I already read the QoS in PAN-OS 4.1 document and the QoS section in the Panorama Administrator's Guide 6.0 (English).But there a still big question marks hovering over my head. :smileyconfused:The examples show only one use case/qos-profile at one time: "QoS for a Single User" or "QoS for Voice and Video Applications" or "restrict down...

Future start log entry

Noticed a lot of traffic from one machine, went to investigate and found a LOT of traffic.2111 Petabytes.Strange glitch? Or does one of my users have a time machine?

holtcg by L1 Bithead
  • 2861 Views
  • 3 replies
  • 0 Likes
  • 24395 Posts
  • 123 Subscriptions
Top Solution Authors
Labels