General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Custom App-ID for XP OS?

Has anyone written a Custom App-ID to identify XP OS, and more specifically browser based access. I would like to identify any XP, but realize I may only be able to see via browser headers.

Global Protect Client .cfg file?

I would like to deploy the Global Protect Client pre-configured with the Portal IP address in it. Does Palo Alto have a client packager or is there a file that can edited and added with the client install file?Thx

SSL Decryption - What categories do you decrypt?

Right now we have a policy to never decrypt shopping and finance/banking sites, and we decrypt web based email and social networking.I know there are issues with certain applications (Windows Update I believe?) if you try to decrypt so I wondered what your decryption/inspection policies are?

Gizmodo Vulnerability in IE?

Anything known, or being doe about this?thanks//moe http://gizmodo.com/new-vulnerability-found-in-every-single-version-of-inte-1568383903/+whitsongordon

WildFire - What sort of hit rate do you see?

I enabled WildFire a month or so back.I know it works as I download files regularly from the PAN "random wildfire test file" site and sure enough a little while later an alert pings in and it shows in the dashboard.In production it seems that everything that my users download is either from trusted sources or has checksummed as clean - in theory...

Admins linked with AD

hirecently am creating an admin and linking it with my ad, whenever i click ok i got the attached error,i checked my ldap settings group-mapping auth_profile all correct with no spaces or characters that which could be be a reason, username and password are correct. do i need domain admin ? because i created a normal account, if anybody faced th...

Resolved! Global protect error message

Hi.I've got a user trying to connect to my PA through a Global protect VPN, and the firewall is giving me the following error messageGlobalProtect gateway client configuration failed. User name: <xxxx>, error: Assign private IP address failed.I know the pool for the configured GP gateway is large enough (/24) for her to be assigned an IP o...

darren_g by L4 Transporter
  • 11979 Views
  • 12 replies
  • 1 Likes

Resolved! Cant Syslog off of Panorama ?

My PA-4020's are busy to say the least. They do send traffic, threat and URL Filtering logs to Panorama. I want to be able to create a Log Forwarding profile on Panorama to send these logs off to a Syslog Server. Under Server Profiles Syslog, I create a new syslog server entry. I save it and commit the changes. When I go to Objects, Log Forwardi...

jhickey by L3 Networker
  • 7186 Views
  • 5 replies
  • 0 Likes

Resolved! LDAP profile broken after upgrading to 5.0.10

Hi,I upgraded my firewalls to PANOS 5.0.10 yesterday, and after the upgrade the LDAP profile fails with "invalid credentials". I have tried resetting the password for the account used, but the error still persists.Have anyone else encountered this issue? Experiencing the same issue both on PA-3020 and PA-200, and the error started occuring immed...

arvesynd by L3 Networker
  • 10367 Views
  • 13 replies
  • 0 Likes

Palo Alto Virtual Firewall Platform

Is anyone using one of these but as an internet facing firewall vs. firewalling the VM's on the host the firewall is running on?From the pricing and specs and the amount of HA that vSphere can provide, I'm trying to understand what the "catch" is vs. a physical Palo Alto?

Resolved! Captive Portal SSL Certificate Error

We're running 5.0.10 with Captive Portal.We have an SSL certificate installed for *.domain.com and have several internal DNS entries that point something.domain.com to various physical interfaces on the Palo Alto.We recently revoked and rekeyed our wildcard cert and since importing and replacing all instances with the new certificate, on some ma...

Bi-Directional NAT using DMZ instead of Outside interface

The reason for this post is I'm collapsing 2 ASA that are configured one in front of the other into a single PANW firewall. The DMZ interface on the inside ASA is technically treated as the "outside" interface. All NAT is performed on this DMZ interface. After the collapse, the DMZ interface will still exist but a true Outside interface will ...

attacking site and PAN

HelloFew days ago I discovered site with some information about VMware Update Manager. I had a problem with it and I was searching for solution.This site is www.bourgelat.net/cannot-patch-definitions-vmware-19988I have PA with all licences but PAN software doesnt detect any bad traffic I asked PAN to change categorization to malware site, but to...

_slv_ by L4 Transporter
  • 6758 Views
  • 13 replies
  • 0 Likes

Opt-out page for HTTP ?

We would like to have a web response page that is presented to the user when the user launches their browser for the first time that asks them if they abide by the AUP rules. Basically same concept as the https opt-out page. Is this possible? If so, can someone please advise how.Thanks in advance for your response

  • 24403 Posts
  • 123 Subscriptions
Top Solution Authors
Labels