General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 405 Views
  • 0 replies
  • 2 Likes

Active/Active traffic log.

Hello

I knew session owner generate traffic log.

Does session setup device generated traffic log  If a session is denied L4 processing before L7 processing???

Network Diagram

Router#1(Power-OFF) ------ Router#2(Power ON)

            |                     

...

Resolved! use GlobalProtect for Network Logon

Dear,

Is it possible to use GlobalProtect with pre-logon enabled as a "Network Logon" for Windows?

This way I want to use the GlobalProtect to tunnel the domain-login request to our AD when the pc is on the road.

Ultimately we want to use this for users

...

mr.linus by L4 Transporter
  • 3855 Views
  • 8 replies
  • 0 Likes

Resolved! L3 deployment with dynamic IP and DMZ (NAT and PBF required?)

Dear all,

I'm trying to move from my initial vWire deployment to L3 in order to get rid of my SSG5. Later on I'll also get rid of my SA-2000.

Current layout:

ISP (dynamic IP) - PA vWire - SSG5 - PA vWire - Intranet

                                       

...

About updating AD group membership

Hello guys

1. I configured LDAP profile and update from AD DC

2. AD group named domain-users has about 10900 user

3. Customer created new user and applied new user to domain-users group

So I tried to refresh a group-mapping information by debug command.

...

7-Zip ARJ File Buffer Overflow Vulnerability(31030)

Has anyone come across this vulnerability?  We have several PC's with 7-zip installed for extracted .tar files in windows.  Even after we delete 7-zip, we still see these vulnerabilities being flagged by the pan.  Has anyone seen this behavior before

...

jmurphy by L2 Linker
  • 1865 Views
  • 1 replies
  • 0 Likes

Resolved! pa performance analyze

hey

i am trying to analyse if the PA is under load regarding to the PA specs,

the customer is having sometimes disconnects on the network, i can see that the CPU have peaks sometimes but mainly is OK

netcom@PA-IL-ACTIVE(active)> show running resource-m

...

minow by L4 Transporter
  • 2457 Views
  • 1 replies
  • 0 Likes

best practice User-ID strategy?

Hello,

first I try to give you some information. Our headquarter is located in Germany. All of our subsidiaries are connected to Germany via relatively slow VPN lines. Overall we have round about 20 DCs in different countires. Until now we have only 3

...

Why both portal and GW license for HIP ?

Hi,

Can someone give a competitive explanation for that ?

Portal for once, GW for every year.But why both ?

Vendor updates make sense for GW subs., what extra portal makes ?

Regards.

panos by L6 Presenter
  • 1571 Views
  • 1 replies
  • 0 Likes

SYSTEM ALERT : high : HA Group 1: ** version does not match

Hi Friends,

I wanted your help in solving this persiting issue.I have a PA4020 in HA mode which is configured in Active-Passive mode. From last few days i am getting the below error

SYSTEM ALERT : high : HA Group 1: Anti-Virus version does not match

SYS

...

u13168 by Not applicable
  • 4750 Views
  • 5 replies
  • 0 Likes

Does PA firewall really support 6in4 tunnel?


I have a free 6in4 tunnel from Hurricane Electric. The tunnel profile inucludes IPv6 Tunnel Endpoints, Routed IPv6 Prefixes and Anycasted IPv6 Caching Nameserver. I used these information to configure a Juniper SSG firewall and it works. I was told b

...

yq by L0 Member
  • 4089 Views
  • 3 replies
  • 0 Likes

Resolved! Unable to Perform Debug Flow

Hello, have a PAN-5050 running 4.1.13, where I am trying to debug flow on.  Followed the steps necessary to turn on flow debugging but I am not seeing anything log to either of the dataplane pan_packet logs files. I've confirmed the settings are in p

...

Resolved! Forward Trust Certificate

Hi,

In my office environment, we have an internal certificate that we have been using prior to installing PAN device. Lately after installing PAN, our office staff are always getting certificate warnings whenever they visit a SSL enabled website.

I re

...

Suhaimi by L1 Bithead
  • 2492 Views
  • 1 replies
  • 0 Likes

Maximum PAN-OS in Signature Update

Hi All,

I see in Release Note application update in Dynamic Updates or email like this :

There is a maximum PAN-OS version in Conficker.

Why some threat have limitation in PAN-OS ?

Please advice.

Thanks.

Regards,

MG

mg_imid by Not applicable
  • 2522 Views
  • 3 replies
  • 0 Likes
  • 23695 Posts
  • 110 Subscriptions
Top Solution Authors
Labels