General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 440 Views
  • 0 replies
  • 2 Likes

Same model for HA to functional properly?

I understand that both firewalls should have the same feature licensing for proper failover, but has anyone implemented HA successfully using two different models? 5050 and 5020 for example? I know in the documentation it states both models must be t

...

Getting device hostname from PANOS DHCP

Hi,

I'm currently using the PANOS DHCP server to serve DHCP requests to our guest network, as it's seperated on it's own VLAN. I don't want any traffic from our guest network to reach our domain controllers, which serves as DHCP for our other VLAN's.

T

...

as-mg by L3 Networker
  • 3368 Views
  • 2 replies
  • 0 Likes

bad vpn connectivity\packet loss ip sec vpn

Hi

I have configured an fixed IP sec VPN tunell on my PA 500. The tunell comes up OK, and I can ping an traceroute an IP adress on the network I am connectod too, through the vpn tunell. But Packet loss lies between 20 and 40 % running ping tests.

We e

...

knutelde by Not applicable
  • 3325 Views
  • 2 replies
  • 0 Likes

Tweaking DSRI

So I keep hearing that disabling DSRI will improve performance.  I thought I read that most vendors do not even offer the option.

What are some guidelines for disabling DSRI?  I understand that incoming to own internal server is probably ok, but what

...

BobW by L4 Transporter
  • 4026 Views
  • 3 replies
  • 0 Likes

Can a A/A Floating IP be set to the interface IP ?

Hello - In the VRRP world, I can have 2 devices active with a single IP (VRRP IP address ) active only on 1.

I have a situation where I need to vsys a box (L3 & Vwire)    The vwires are replacing Tipping point IDP's , with active traffic, so I need Ac

...

dbrenipc by L3 Networker
  • 2568 Views
  • 2 replies
  • 0 Likes

Any experience with MediaFire?

I have an end customer who was attempting to download a file from mediafire (also known as causeway.com). His policy allows the mediafire application, and the initial connection is made, so the web site is accessible.

If he is provided with a download

...

Can PAN block proxy traffic originated from other country?

Hello guys

I'm trying to block some traffic originated from other country. PAN can block those traffics with its source address and regional info. But what if they use some kind of proxy(like ultra surf) to disguise its original source ip and change i

...

JTR by Not applicable
  • 6559 Views
  • 5 replies
  • 0 Likes

Pan OS 5.0

i have set up Palo Alto to send logs to syslog server.

Yesterday i have seen something unusual in THREAT,url log?

The length of the URL is 1044 bytes but in the Palo Alto log i can see some of the bytes is truncated?

Original URL:

http://s.youtube.com/ap

...

Resolved! Using variable for PANOS version when using CEF (Arcsight)?

According to https://live.paloaltonetworks.com/docs/DOC-2835 the (current) certified formats for use with CEF is:

Traffic

CEF:0|Palo Alto Networks|PAN-OS|4.1.0|$subtype|$type|1|rt=$cef-formatted-receive_time deviceExternalId=$serial src=$src dst=$dst s

...

mikand by L6 Presenter
  • 3818 Views
  • 4 replies
  • 0 Likes

with Net Optics bypass switch deployment

Hi,

The bypass switch detects heartbeat from Palo Alto firewall to determine if it is alive.

What happens if, by any chance,  PANOS become unresponsive but the hearbeat ping is still alive? will the bypass mode be ON?

anyone having this experience with

...

cl_wong by Not applicable
  • 2007 Views
  • 2 replies
  • 0 Likes
  • 23700 Posts
  • 110 Subscriptions
Top Solution Authors
Labels