To all, Just wanted to post a message about the Hot Topic right now, which is Covid-19. With all of this going around, everybody's health and safely is the utmost concern. Keeping your hands clean, washing your hands (A LOT), using hand sanitizers, a...
Hi there,I know that each model has a max number of sessions that can be handled overall. But is there a way to reduce this number of max sessions in the configuration?Many thanks for your help.Regards,Sylvia
Hi there,is there a way to limit the bandwidth per source IP?As far as I know the QoS policies limit the bandwidth per interface not per source IP. Is this correct?Regards,Sylvia
For the replacement test,I had set the spare SSD in the PA-5000,and some logs was written on SSD.Could you tell me how to format of SSD?
Hello, New to the forums and Palo Alto, and I have a simple question. How do I pull a report for all websites a user has visited? Seems straight forward enough, but a user activity report is extremely lacking and to be perfectly honest I am not sure ...
Works the User-ID XML API only with LDAP Agent or works too with AD Agent?We need to make a logof script to delete the entries of some users.
I have a PA-4060 and am monitoring via a TAP port my Internet connection and want to see how much traffic is being sent to the IPS engine hardware. I need to know this because I know the IPS functionally is 1/2 of the rated throughput of the firewall...
I have some problems with user identification and I'm very confused about how it works.In the case that we use User-ID agent with AD. Is it the following process correct?1.A user makes a logon in PC-A , with his domain credentials.2.An event is creat...
I tried to download temaviewer (TeamViewer_Setup_it.exe) but the firewall pa500 blocked me like viruses Trojan/Win32.agent.ckovs what should I do?
Does PA support unix-style tracerouts. I have enabled ICMP and PING, but tracerouts from unix hosts through palo alto are still being denied. Looking at this a little bit further, we noticed that windows-style tracerouts use ICPMP echo requests and r...
Is it possible to secure SSH with a public/private key or some other means. I have noticed an extremely high number of logon attempts, and want to block these as much as possible. I am sure I can lock it down to certain source IP addresses, but I wou...
Hi All,I heard that its possible to have a vsys with a different PAN-OS that the others, to do such things as test the PAN-OS upgrade out with rules, etc before applying it across the board to all.What I can't see in the appliance UI, is how to do th...
Hi All,I'm trying to create a role based user, that is specific to a vsys. when creating a user when logged in as the superuser,I can't create a user, and select the RoleBased profile that is based on a vsys, as the ok button grey's out.Is there a st...
Hi,We have a couple of Linux Samba servers that can only talk NTLM 0.12 dialect(this is from packet captures).If I am connecting to a Linux Samba share from the internal LAN my Win 7 client(that supports up to SMB 2.0) negotiates down to NTLM 0.12 an...
Hi,I have an issue wen my co-worker try to download a file from php.net.I cannot find wich progam is called in my policies rules.The file is available at : http(s)://pecl.php.net/get/oci8-1.4.6.tgz and cannot download it.Thank you and sorry for my ba...
I have configured a couple of layer-3 subinterfaces on a aggregate, they are tagged as VLAN 700 and VLAN 800, in my cisco switch I have configured a trunk port that permits VLAN 700 and VLAN 800 to pass traffic across it. When plugged in, everything ...
on:
General question about firewalls
on:
How to identify high dataplane CPU
on:
Limiting users access in palo alto firewall
| Subject | Likes |
|---|---|
| 2 Likes | |
| 2 Likes | |
| 2 Likes | |
| 2 Likes | |
| 2 Likes |
