General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

JayGolf_0-1691518400714.jpeg
JayGolf by Community Team Member
  • 1883 Views
  • 1 replies
  • 10 Likes

Resolved! Using variable for PANOS version when using CEF (Arcsight)?

According to https://live.paloaltonetworks.com/docs/DOC-2835 the (current) certified formats for use with CEF is:

Traffic

CEF:0|Palo Alto Networks|PAN-OS|4.1.0|$subtype|$type|1|rt=$cef-formatted-receive_time deviceExternalId=$serial src=$src dst=$dst s

...

mikand by L6 Presenter
  • 3102 Views
  • 4 replies
  • 0 Likes

with Net Optics bypass switch deployment

Hi,

The bypass switch detects heartbeat from Palo Alto firewall to determine if it is alive.

What happens if, by any chance,  PANOS become unresponsive but the hearbeat ping is still alive? will the bypass mode be ON?

anyone having this experience with

...

cl_wong by Not applicable
  • 1721 Views
  • 2 replies
  • 0 Likes

Resolved! copy security profiles and log options

Hey all,

Do you find it annoying you can not copy security profiles and log options the way you can copy zones, objects, user, applications and services from one security rule to another through the GUI?

Manually adding the same security profile for a

...

mr.linus by L4 Transporter
  • 1906 Views
  • 2 replies
  • 0 Likes

Resolved! DMZ or NAT for web server

Hi there,

I'm looking for some insight on the best security design for several externally accessible web applications. We have several public IP addresses available and can simply do a 1:1 NAT for each web server, put it in a DMZ, or both. Each web se

...

Resolved! panorama user for specific vsys

Hi,

we created a user with device group and template admin role(only selecting monitor allowed)

also created a user with that role and choosing only 1 vsys for access control

when we logged in with that user we can see other vsys's traffic logs which ar

...

panos by L6 Presenter
  • 1702 Views
  • 1 replies
  • 0 Likes

Twinax Cable for PA-5000

Hello everyone,

Has anyone installed an PA-5000 series (PA-5020 and PA-5050) with a standard twinax wire? I want to connect a PA-5020 and PA-5050 to a Juniper SW with a twinax cable (EX-SFP-10GE-DAC-5m), and I want to know if it is possible or if anyo

...

Smartekh by L1 Bithead
  • 2520 Views
  • 3 replies
  • 0 Likes

Terminating multiple IPsec tunnels on an interface

Currenly all routing must take place on our core network. (due to backup ipsec tunnels and faster MPLS circuts)

Here is what we want to do but I am not sure how to accomplish this.

We have four IPsec Tunnels that we do not want to be routed to each oth

...

rbit0965 by L1 Bithead
  • 2360 Views
  • 2 replies
  • 0 Likes

SSL decryption

How would one  implement a man in the middle SSL decryption configuration on the Palo Alto without the client's browser popping up with a untrusted cert message?

DendreT by L1 Bithead
  • 1617 Views
  • 2 replies
  • 0 Likes

Resolved! In management plane there's some mysterious process.

Hi guys,

I've found out that our customers PA keeps high management cpu usage, and it seems that this process use most of the resource.

what's the 'appweb3' process and why the user is 'nobody'? Is there somebody who can explain this??

Thank you very m

...

JTR by Not applicable
  • 3995 Views
  • 4 replies
  • 0 Likes

Resolved! Paloalto Panorama Communication after license expired

We have couple of Paloalto 5050 firewall, which license got expired recently.   Is it possible to connect these firewalls with Panorama.

After device has been added in Panorama with device serial number, it is not connected and device IP details not s

...

Resolved! URL Log displays a lot of '%16%03%01/' as url for SSL traffic

What's wrong with the URL filtering and logging of the PaloAlto FW? We have many URL logs like '%16%03%01/' when users visit SSL websites.

Is URL detection for SSL websites broken?

Are there other users who have this problems?

We are not 100% sure but i

...

obor by L1 Bithead
  • 3728 Views
  • 9 replies
  • 0 Likes
Top Liked Authors