General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! License for IPsec and SSL VPN

Hi all, I need to know if we need a license to acivate or configure site to site VPN ( i.e: between Cisco ASA and PaloAlto), and also for remote client (ssl vpn). if it's possible can someone please help me with the procedure to follow for these two scenarios.Thanks in advance.

Lahcen by Not applicable
  • 4788 Views
  • 1 replies
  • 0 Likes

Stats Discrepancy in the ACC

Has anyone else noticed this?Go to the ACC and sort it by Bytes (I believe this trick works regardless of the sort criteria, but it’s easiest to see this way). Make a note of the top three or so valuesNext, Click on one of these, I picked the top: web browsing. Compare the total bytes now with the values you recorded before. About half? Me too...

djr by L4 Transporter
  • 3400 Views
  • 4 replies
  • 0 Likes

Strange VPN behaviour

Hi all!Some of my colleagues have problems accessing certain services like TFS, Intranet, and Office 365(outlook, lync) through VPN. The weird thing is that for others it might work either 100%, 50% or whatever feels right that day, it seems.What could cause this kind of inconsistent behaviour?Appreciate all help I can get. Thanks!

Palo-Alto upgradation From 5.0.x to 6.0.x

Hi All, We are having PA-5050 & and PA-3020 model running on software version 5.0.8 & 5.0.9 and we are planing to upgrade it to 6.0.2. We firewall is running in Active/ Passive cluster. Please any one help to know the processes and suggest which version is stable between 6.0.1 and 6.0.2Also, I like to know what all the bug we have in 6.0...

Sourabh by Not applicable
  • 2030 Views
  • 1 replies
  • 0 Likes

site to site vpn qestion

We're moving from Checkpoint to PAN. For site to site vpns, I'm assuing i should set up a logical subinterface? How do you ensure its floating/shared in an HA cluster?

dvlacic by Not applicable
  • 2784 Views
  • 2 replies
  • 0 Likes

Disabling VPN Tunnels from trying to establish when NOT actually required

Hi,We have several kits which we use for conferences as and when needed. These kits VPN back to us when alive. The problem is when the kits are sitting in the cupboard the Palo continues to try and bring the VPN tunnel up which fills our system log up and is a waste of resources as the endpoint is gathering dust in the cupboard. Is there anyway ...

Frustration with threats from PA

Is anyone else frustrated with PA's approach to threats and threat signatures?Prime example: "Netbios Small Piece Data Evasion Attack Vulnerability" - signature ID 33511, link to the Threat Vault: https://threatvault.paloaltonetworks.com/Home/ThreatDetail/33511Can we please get some kind of an idea of what the heck this is in reference to? A Mic...

Does Panorama M-100 support more than 100 devices?

Looking to manage more than 100+ devices (around 300 device). is the M-100 able to meet this requirement? below is my current planning setup:M-100 (panorama mode) <--------------------------> 100+ PA boxor do i required another M-100 box as log collector in between?M-100 (Panorama mode)<------------------------> M-100 (log Collector ...

afiq by L1 Bithead
  • 5371 Views
  • 4 replies
  • 0 Likes

Setting up DMZ

First time poster in the new forum.We're looking into creating a pure DMZ on our Palo Alto. Right now all our servers and network are behind a Layer 3 interface with private IPs. Anything that needs to be externally accessible is done via a One to One NAT through that interface. We have a vendor coming out to do some Lync setup and they "highly ...

tgrzeczk by Not applicable
  • 5025 Views
  • 3 replies
  • 0 Likes

Keeping current on blocked websites

What is the best way to keep your blocked websites current? Seems like every day a site is added that needed to be added to the list is there a simple way to keep the list current?

infotech by L4 Transporter
  • 2330 Views
  • 2 replies
  • 0 Likes

PAN agent 5.0.6 looses user IP

We are running PAN OS 5.0.11, with PAN agent 5.0.6-6.But we observe that intermittently, to various users, users are not matched with their IP addresses and Internet is blocked.When we search for this user in PAN agent, we do not see the user in PAN agent at all.The only way out is, the user logs off and logs back in to his system, and then, we ...

rz185016 by Not applicable
  • 2208 Views
  • 2 replies
  • 0 Likes

Resolved! New Zero-Day Exploit targeting IE9-11 CVE-2014-1776

HelloId like to share with You (sad) news about IE http://www.fireeye.com/blog/uncategorized/2014/04/new-zero-day-exploit-targeting-internet-explorer-versions-9-through-11-identified-in-targeted-attacks.htmland response from Microsoft https://technet.microsoft.com/library/security/2963983This is probably will be first issiue on Windows XP that w...

_slv_ by L4 Transporter
  • 8405 Views
  • 11 replies
  • 1 Likes
  • 24400 Posts
  • 123 Subscriptions
Top Solution Authors
Labels