General Topics

Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 195 Views
  • 0 replies
  • 0 Likes

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 878 Views
  • 0 replies
  • 0 Likes

Resolved! Policy log settings

Hi Pals,

I would like some second opinion on my observation reg. the option 'log at session start' and 'log at session end'. I have tried both options and at the same time monitor the generated traffic logs for each setting. This is my observation:

a)

...

Suhaimi by L1 Bithead
  • 3793 Views
  • 4 replies
  • 0 Likes

Dynamic block list and custom blocked page

Hi,

I am planning to use custom blocked page. So far I have got the logic of creating custom block page and using it in the policy. I would however like to know if I can somehow redirect user to custom blocked page and inform user that his/her access

...

File blocking..

Hi Gents,

I have a Palo Alto 5050 installed between users and my Server Farm.

I configured a security policy to allow access to the File Server, and applied a File type profile to block files such as exe, avi, and FLV.

but the file blocking doesn't work

...

File Types and Applications regarding SSL Decryption

Hi All,

I don't have content Filter License.

am I required to configure ssl decryption to block internet applications or file types?

shall I've a content filter license to configure ssl decryption or not?

Also I'm facing other Issues,

to open internet acc

...

Policies security rules - filtering issue

Hi,

Do you know is there any documentation regarding policies security rules filtering?

I have found some strange behavior for filtering. Examples below on the screenshots are from Palo Alto testing firewall (sv 5.0.6). As it can be seen, if I use fil

...

Monitor traffic - filtering issue

Hi all,

we have noticed inconsistency in PAN OS 5.0.8 and 5.0.9, compared to 4.1.9, related to monitor traffic filter. In older version message box pops-up in case filter is not properly defined (i.e. if there is syntax error), which is fine and helpf

...

Active/Active traffic log.

Hello

I knew session owner generate traffic log.

Does session setup device generated traffic log  If a session is denied L4 processing before L7 processing???

Network Diagram

Router#1(Power-OFF) ------ Router#2(Power ON)

            |                     

...

Resolved! use GlobalProtect for Network Logon

Dear,

Is it possible to use GlobalProtect with pre-logon enabled as a "Network Logon" for Windows?

This way I want to use the GlobalProtect to tunnel the domain-login request to our AD when the pc is on the road.

Ultimately we want to use this for users

...

mr.linus by L4 Transporter
  • 4170 Views
  • 8 replies
  • 0 Likes

Resolved! L3 deployment with dynamic IP and DMZ (NAT and PBF required?)

Dear all,

I'm trying to move from my initial vWire deployment to L3 in order to get rid of my SSG5. Later on I'll also get rid of my SA-2000.

Current layout:

ISP (dynamic IP) - PA vWire - SSG5 - PA vWire - Intranet

                                       

...

About updating AD group membership

Hello guys

1. I configured LDAP profile and update from AD DC

2. AD group named domain-users has about 10900 user

3. Customer created new user and applied new user to domain-users group

So I tried to refresh a group-mapping information by debug command.

...

7-Zip ARJ File Buffer Overflow Vulnerability(31030)

Has anyone come across this vulnerability?  We have several PC's with 7-zip installed for extracted .tar files in windows.  Even after we delete 7-zip, we still see these vulnerabilities being flagged by the pan.  Has anyone seen this behavior before

...

jmurphy by L2 Linker
  • 2035 Views
  • 1 replies
  • 0 Likes

Resolved! pa performance analyze

hey

i am trying to analyse if the PA is under load regarding to the PA specs,

the customer is having sometimes disconnects on the network, i can see that the CPU have peaks sometimes but mainly is OK

netcom@PA-IL-ACTIVE(active)> show running resource-m

...

minow by L4 Transporter
  • 2653 Views
  • 1 replies
  • 0 Likes
  • 24011 Posts
  • 115 Subscriptions
Top Solution Authors
Top Liked Authors
Labels