General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 288 Views
  • 0 replies
  • 0 Likes

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 965 Views
  • 0 replies
  • 0 Likes

Is config saved at a flash memory?

Hi.

I saw PAN-OS 5.0 Administorator Guide.

P37 bellow

------

Revert to last saved config Restores the last saved candidate configuration from flash memory. The current

candidate configuration is overwritten. An error occurs if the candidate

configuration h

...

Resolved! Ignoring control flags

Is it possible to ignore tcp control flags in the Palo Alto?

I have a client where several nodes talk back to a server through the PAN. The nodes will send a FIN packet so the PAN will drop the session.. however, the vendor requires the session to sta

...

SDorsey by L4 Transporter
  • 2796 Views
  • 3 replies
  • 0 Likes

gotoassist application recognition

Is anyone else having issues with PA not recognizing gotoassist very well ?

Citrix documentation expects you to open tons of DNS addresses and/or IP ranges, but I'm a bit wary of opening ALL traffic on ports 80 and 443 to these (most IP ranges are on

...

dieter_b by L4 Transporter
  • 3627 Views
  • 4 replies
  • 0 Likes

Response Page using HTTP

Hi,

We are working on custom response pages for all our devices but wanted to know if it was possible to deliver then using HTTP instead of HTTPS as the default ones currelty come via HTTPS and users have to accept the invalid certificate. We have val

...

bcsgroup by L2 Linker
  • 2699 Views
  • 3 replies
  • 0 Likes

Resolved! Can the GlobalProtect Portal be disabled?


I would like to disable the GlobalProtect portal. We would like to control the deployment and installation of the GP client with other tools, and not have this outside logon page availabe to the world, but I still want to be able use the GP Client. C

...

ldavie by L2 Linker
  • 2556 Views
  • 1 replies
  • 0 Likes

vWire Fails in BGP

Hi,

We have a deployment of Palo Alto in vWire mode. But after it was setup, bgp is no longer functioning. I already created an allow all policy but it didn't work as well. Any advise that can help me to make this work?

Thanks,

Rex

Resolved! The java.tomdep worm ?

Hi,

symantec announce a worm named java.tomdep,

Ref link :

http://www.symantec.com/security_response/writeup.jsp?docid=2013-111815-1359-99

Can Paloalto with Threat Prevention can stop this threat ?

Regards

Hey guys have any of you ever come across this issue:

I was looking at some logs and noticed data displayed in the screenshot below.  There are several things highly questionable about the data displayed here:

  • - The Start Time is in 2031, and the receive time is 2013.
  • - Bytes Received is about 2 exabytes
...

lhylton by Not applicable
  • 2537 Views
  • 3 replies
  • 0 Likes

Resolved! Populating Panorama from an existing firewall.

We have a lab PA2050 that I have tweaked to exactly where I want it to be. We are now trying to add it to a lab Panorama and I would like to populate Panorama with all of the policies and objects from the lab 2050. I exported the running config to an

...

Failed to get CRL http:// ...

Im getting tons of failed to get CRL errors in my logs all of the sudden. Im not sure what I did (if anything) to cause this.

Ive tried to fix it,

  • I tried to enable  "Server CRL"
  • I did a nslookup on crl.verisign.com and I cant see any connections outbou
...

choff123 by L3 Networker
  • 4288 Views
  • 4 replies
  • 0 Likes

Resolved! Security Policy Configuration.

Hi Gents, here is my PA design as active active.

to be clear, the server farm is connected to the Core switches, and the Clients are connected to both Agg switches.

the PA Configuration is in VWire mode.

the question here is, when I create a security po

...

Methods for creating security policies

When creating security policies would it be better to create a separate policy for inbound and outbound traffic, trusted and untrusted, per user group or one policy to manage both ways to minimize number of policies

Resolved! No app ID for for WinRM, port 5985?

I am trying to add WinRM to a allowed policy and I am not finding the app for it. Does PA call it something different? I was thinking there was a way to search the app db by port but nothing is coming up.

jeffm by L0 Member
  • 5497 Views
  • 1 replies
  • 0 Likes

Resolved! GRE protocol traffic

Hello to All,

I noticed some strange behavior regarding GRE protocol, and try to explain what exactly is strange:

Customer has unfortunate GRE VPN tunnel and in one policy "Public_ulaz_GRE" they stated to pass only GRE and NVGRE protocol respectively.

...

Tician by L3 Networker
  • 5828 Views
  • 2 replies
  • 0 Likes
  • 24033 Posts
  • 115 Subscriptions
Top Liked Authors
Labels