General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 223 Views
  • 0 replies
  • 0 Likes

Basic QoS Understanding

So, I'm trying to get a clear understanding of QoS on the PA's.  Any feedback / answers would be appreciated:

Maximum Egress - Straight forward - the maximum amount of traffic you are allowing out.

Guaranteed Egress - This one I'm foggy on.  Is it only

...

mrsold by Not applicable
  • 7368 Views
  • 6 replies
  • 0 Likes

Slow transferspeed over IPSec against ASA5510

One of our customer has a Cisco ASA 5510.

We have successfully created a IPSec tunnel and traffic flows both ways, but when trying to transfer a file, the speed caps at ~300KB/s, every 4-5 packets is dropped and the latency goes from ~3ms to 90ms.

Both

...

TJ by L1 Bithead
  • 7552 Views
  • 7 replies
  • 0 Likes

User ip mapping with only Global Protect

Hi all,

i have a question regarding user ip mapping when only using Global Protect to authenticate users.

Without enabling any user-id agent. Neither external on a server, neither on the firewall.

It works as Global Protect identifies the logged-on user

...

Resolved! Let me know how to block virus in SFTP

Hello~

As title see

I would like to block virus in SFTP

as far as I know SSH Proxy is same as SSL Proxy

so I installed Bitvise SSH Server(Personal Version) recently

I have confirmed be server normally

and than I configured similar as SSL way in Policy

Also

...

User Activity Reports

I really need some help in the correct process of running a user activity report. I have a request to pull the last 30 days of internet activity on a particular user. Every time I attempt this, I get strange results. Either the info only goes back 3

...

brb by Not applicable
  • 2772 Views
  • 4 replies
  • 0 Likes

Pannorama and HA Cluster

Hey

i would like to know how the commit process works when i push commit on pannoaram to HA device group.

1) does Panorama send the configuration to both of the device and then commit it?

2) does Panorama send it only to one device and it commits it to

...

minow by L4 Transporter
  • 3056 Views
  • 5 replies
  • 0 Likes

Destination NAT to address not in same subnet

Hello,

I had a quick question about destination NATing to an address not in the same subnet as an interface on the Palo Alto. For example, let's say I have a site-to-site VPN and I am using destination NAT on one side of the tunnel. When traffic comes

...

Resolved! Forefront UAG Direct Access

I was wondering if anyone has deployed Microsoft Direct Access or Forefront UAG behind a Palo Alto firewall, and could share their experiences.  Direct Access requires 2 consecutive public IPv4 addresses (no NAT), and we are trying to figure out the

...

abelgard by L1 Bithead
  • 2857 Views
  • 3 replies
  • 0 Likes

Problem with IPSec tunnel monitor

Hello,

We have an issue with one IPSec site-to-site tunnel. The PAN usually doesn't recognize when a tunnel is down. We can correct this by setting up monitors on all tunnels with a "wait-recover" action after 3 subsequent failures. This works for all

...

oschuler by L4 Transporter
  • 3844 Views
  • 2 replies
  • 0 Likes

Resolved! Viewing all URLs visited by a user

Hi there

I'm trying to track down an incident here and I'd like to get a report on a particular user for all URL activity. I've set up a custom report using the URL Log, with a time frame of the last 12 hours and added the username in via the query bu

...

  • 23617 Posts
  • 107 Subscriptions
Labels