General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

VPN & SSL VPN questions - A/A cluster

I'm starting to setup an Active/Active cluster And I'm looking at using arp-Load-Sharing as that seems to be the fault tolerant/load balancing one.

So here's the question will SSL VPN (web interface) & site2site vpn's (with cisco and sonicwall devices

...

jkw117 by L0 Member
  • 4591 Views
  • 6 replies
  • 0 Likes

Wildfire Threat Type

I clicked on the Magnifying Glass icon of a Wildfire Submission Log entry and there are related log entries that shows a Threat Log Type Wildfire. When I went to the Threat Log and tried to filter on Type equals Wildfire nothing comes up. As a matter

...

jwolach by L4 Transporter
  • 1526 Views
  • 1 replies
  • 0 Likes

Clientless User-ID problem

Hello.

When debugging clientless User-ID I've noticed a strange entry in useridd.log log file. I'm trying to connect to 2 AD servers.

It says:

2014-04-07 10:44:09.875 +0200 Error:  pan_user_id_win_log_query(pan_user_id_win.c:1319): log query for server1

...

santonic by L6 Presenter
  • 3712 Views
  • 7 replies
  • 0 Likes

Stopping email alert for Syslog related Logs.

How stop email alerts for syslog related logs? For example Email alert is generated for every one hour that syslog server is active.

Note: The log severity level for email alert is configured for high and it should be changed.

Gururaj by L4 Transporter
  • 3299 Views
  • 3 replies
  • 1 Likes

Resolved! A lot of unknow-udp traffic (port 123)

Hi

I observed since 04/09 a lot of traffic clasified as unknown-udp from my DMZ to Untrust. It could be missidentified because I have security rule that allow NTP.

It could be related to 429 package of Thread prevention update. Now I'm on 430-2169.

Do Y

...

_slv_ by L4 Transporter
  • 3513 Views
  • 3 replies
  • 1 Likes

Resolved! software update schedule

Hi quick question regarding software updates. I know you can pull updates manually within the device, but I was under the impression that these updates would pull and install automatically. We had a consulting company help with our install so I may b

...

bino150 by Not applicable
  • 2373 Views
  • 1 replies
  • 0 Likes

Resolved! Log Category and Current Category : PAN-DB

Hello,

Anyone here having the same issue? Please see the image below,

The URL that we are browsing isn't match with the Log Category.

We already tried re-downloading the whole URL PAN-DB. Also, the URL category on the cache identifies "youtube" as strea

...

QoS policies

hi!

i have a question regarding the QoS feature, so here goes:

the scenario is the following - we have 2 apps for which we would like to limit the bandwidth, lets say app1 and app2. we have edited one of the QoS classes in the default QoS profile, clas

...

Heratbleed CVE-2014-0160 - New Vulnerability Signatures

Palo Alto released multiple vulnerabilities for the Heartbleed bug.

New Vulnerability Signatures (3)

Severity

ID

Attack Name

CVE ID

Vendor ID

Default Action

Minimum PAN-OS Version

medium

40039

OpenSSL TLS Heartbeat Brute Force - Heartbleed

CVE-2014-0160

alert

  1. 3.1.
...

bdeschut by L4 Transporter
  • 3600 Views
  • 5 replies
  • 0 Likes

MGCP being dropped since upgrading to 6.0.1

We upgraded our PA5020 from 5.07 to 6.0.1 to utilize TLS 1.2 to handle decryption but as a result we have created an issue with our phones. We have a couple call managers behind the PA5020's at our data center and several branch offices around the wo

...

froggyj by Not applicable
  • 3817 Views
  • 4 replies
  • 0 Likes

Resolved! PaloAlto and VCS gateway - H323 / SIP

Hi all,

Installing a palo on network with VCSExpressway (cisco ToIP) module.

After reading other discussion (https://live.paloaltonetworks.com/message/7757#7757, https://live.paloaltonetworks.com/message/12132#12132, , for a "full" compatibility betwee

...

VinceM by L5 Sessionator
  • 3205 Views
  • 2 replies
  • 0 Likes

Resolved! Can a Subnet Live on Both Sides of an IPSEC Tunnel?

We are planning on moving to a new office space. We need the networks in the new office space and the current office space up and running at the same time during the transition. This has raised the question on how this can even be done. We were wonde

...

  • 24128 Posts
  • 102 Subscriptions
This widget could not be displayed.
Top Solution Authors
Top Liked Authors
Labels