General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Wildfire Threat Type

I clicked on the Magnifying Glass icon of a Wildfire Submission Log entry and there are related log entries that shows a Threat Log Type Wildfire. When I went to the Threat Log and tried to filter on Type equals Wildfire nothing comes up. As a matter of fact, there's no Wildfire Threat Type in the Threat Log.Can someone please explain why the Re...

jwolach by L4 Transporter
  • 2055 Views
  • 1 replies
  • 0 Likes

Clientless User-ID problem

Hello.When debugging clientless User-ID I've noticed a strange entry in useridd.log log file. I'm trying to connect to 2 AD servers.It says:2014-04-07 10:44:09.875 +0200 Error: pan_user_id_win_log_query(pan_user_id_win.c:1319): log query for server1.xyz.aa failed: [lib/socket/interface.c:212:load_interfaces()] ERROR: Could not determine network...

santonic by L6 Presenter
  • 5495 Views
  • 7 replies
  • 0 Likes

Stopping email alert for Syslog related Logs.

How stop email alerts for syslog related logs? For example Email alert is generated for every one hour that syslog server is active.Note: The log severity level for email alert is configured for high and it should be changed.

Gururaj by L4 Transporter
  • 4643 Views
  • 3 replies
  • 1 Likes

Resolved! A lot of unknow-udp traffic (port 123)

HiI observed since 04/09 a lot of traffic clasified as unknown-udp from my DMZ to Untrust. It could be missidentified because I have security rule that allow NTP.It could be related to 429 package of Thread prevention update. Now I'm on 430-2169.Do You have the same?RegardsSLawek

_slv_ by L4 Transporter
  • 5161 Views
  • 3 replies
  • 1 Likes

Resolved! software update schedule

Hi quick question regarding software updates. I know you can pull updates manually within the device, but I was under the impression that these updates would pull and install automatically. We had a consulting company help with our install so I may be missing where the updates might be scheduled?:Our current update status shows:The current softw...

bino150 by Not applicable
  • 3248 Views
  • 1 replies
  • 0 Likes

Resolved! Log Category and Current Category : PAN-DB

Hello,Anyone here having the same issue? Please see the image below,The URL that we are browsing isn't match with the Log Category.We already tried re-downloading the whole URL PAN-DB. Also, the URL category on the cache identifies "youtube" as streaming-media.Thank youRegards,hartkently

QoS policies

hi!i have a question regarding the QoS feature, so here goes:the scenario is the following - we have 2 apps for which we would like to limit the bandwidth, lets say app1 and app2. we have edited one of the QoS classes in the default QoS profile, class 3, and set the max guaranteed bandwidth to 2Mbps.the next step would be to create the QoS polic...

Heratbleed CVE-2014-0160 - New Vulnerability Signatures

Palo Alto released multiple vulnerabilities for the Heartbleed bug.New Vulnerability Signatures (3)SeverityIDAttack NameCVE IDVendor IDDefault ActionMinimum PAN-OS Versionmedium40039OpenSSL TLS Heartbeat Brute Force - HeartbleedCVE-2014-0160alert3.1.0informational36417OpenSSL TLS Heartbeat Foundalert3.1.0medium36418OpenSSL TLS Malformed Heartbea...

Antivirus and apps - Error in retreiving data - PAN OS 6.0.1

Hi,I'm a customer with two PaloAlto PA-2020 with active/passive config running without issues.I've just upgraded from 5.0.11 to 6.0.0 and then to PAN OS 6.0.1 (latest)Starting with PAN OS 6.0.0 I can't check for apps and antivirus upgrades from the "Dynamic Updates" link. It gives the error "Error in retrieving data".This situation didn't happen...

MGCP being dropped since upgrading to 6.0.1

We upgraded our PA5020 from 5.07 to 6.0.1 to utilize TLS 1.2 to handle decryption but as a result we have created an issue with our phones. We have a couple call managers behind the PA5020's at our data center and several branch offices around the world that rely on them. The branch MGCP gateway uses UDP 2427 to send notification messages and TC...

froggyj by Not applicable
  • 5258 Views
  • 4 replies
  • 0 Likes

Resolved! PaloAlto and VCS gateway - H323 / SIP

Hi all,Installing a palo on network with VCSExpressway (cisco ToIP) module.After reading other discussion (https://live.paloaltonetworks.com/message/7757#7757, https://live.paloaltonetworks.com/message/12132#12132, , for a "full" compatibility between palo and VCS, we have to create app override for disabling the app L7 PA's analyse (for NAT rea...

VinceM by L5 Sessionator
  • 4461 Views
  • 2 replies
  • 0 Likes

Resolved! Can a Subnet Live on Both Sides of an IPSEC Tunnel?

We are planning on moving to a new office space. We need the networks in the new office space and the current office space up and running at the same time during the transition. This has raised the question on how this can even be done. We were wondering if it's possible to create IPSec VPN tunnels between offices on our PA3020s and have the sam...

Service Contract Ending

My service contract is about to end, and we are not planning on extending it as we are replacing our 3020s with some other firewalls. We are still planning on using the firewalls in our network, but not to do the threat detection stuff.I would like to make sure theses boxes still work if they are not under a service contract. It seems silly to...

kzaugg by L0 Member
  • 3044 Views
  • 3 replies
  • 0 Likes
  • 24402 Posts
  • 123 Subscriptions
Top Solution Authors
Labels