General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

File Types and Applications regarding SSL Decryption

Hi All,

I don't have content Filter License.

am I required to configure ssl decryption to block internet applications or file types?

shall I've a content filter license to configure ssl decryption or not?

Also I'm facing other Issues,

to open internet acc

...

Policies security rules - filtering issue

Hi,

Do you know is there any documentation regarding policies security rules filtering?

I have found some strange behavior for filtering. Examples below on the screenshots are from Palo Alto testing firewall (sv 5.0.6). As it can be seen, if I use fil

...

Monitor traffic - filtering issue

Hi all,

we have noticed inconsistency in PAN OS 5.0.8 and 5.0.9, compared to 4.1.9, related to monitor traffic filter. In older version message box pops-up in case filter is not properly defined (i.e. if there is syntax error), which is fine and helpf

...

Active/Active traffic log.

Hello

I knew session owner generate traffic log.

Does session setup device generated traffic log  If a session is denied L4 processing before L7 processing???

Network Diagram

Router#1(Power-OFF) ------ Router#2(Power ON)

            |                     

...

Resolved! use GlobalProtect for Network Logon

Dear,

Is it possible to use GlobalProtect with pre-logon enabled as a "Network Logon" for Windows?

This way I want to use the GlobalProtect to tunnel the domain-login request to our AD when the pc is on the road.

Ultimately we want to use this for users

...

mr.linus by L4 Transporter
  • 3551 Views
  • 8 replies
  • 0 Likes

Resolved! L3 deployment with dynamic IP and DMZ (NAT and PBF required?)

Dear all,

I'm trying to move from my initial vWire deployment to L3 in order to get rid of my SSG5. Later on I'll also get rid of my SA-2000.

Current layout:

ISP (dynamic IP) - PA vWire - SSG5 - PA vWire - Intranet

                                       

...

About updating AD group membership

Hello guys

1. I configured LDAP profile and update from AD DC

2. AD group named domain-users has about 10900 user

3. Customer created new user and applied new user to domain-users group

So I tried to refresh a group-mapping information by debug command.

...

7-Zip ARJ File Buffer Overflow Vulnerability(31030)

Has anyone come across this vulnerability?  We have several PC's with 7-zip installed for extracted .tar files in windows.  Even after we delete 7-zip, we still see these vulnerabilities being flagged by the pan.  Has anyone seen this behavior before

...

jmurphy by L2 Linker
  • 1713 Views
  • 1 replies
  • 0 Likes

Resolved! pa performance analyze

hey

i am trying to analyse if the PA is under load regarding to the PA specs,

the customer is having sometimes disconnects on the network, i can see that the CPU have peaks sometimes but mainly is OK

netcom@PA-IL-ACTIVE(active)> show running resource-m

...

minow by L4 Transporter
  • 2263 Views
  • 1 replies
  • 0 Likes

best practice User-ID strategy?

Hello,

first I try to give you some information. Our headquarter is located in Germany. All of our subsidiaries are connected to Germany via relatively slow VPN lines. Overall we have round about 20 DCs in different countires. Until now we have only 3

...

Why both portal and GW license for HIP ?

Hi,

Can someone give a competitive explanation for that ?

Portal for once, GW for every year.But why both ?

Vendor updates make sense for GW subs., what extra portal makes ?

Regards.

panos by L6 Presenter
  • 1468 Views
  • 1 replies
  • 0 Likes

SYSTEM ALERT : high : HA Group 1: ** version does not match

Hi Friends,

I wanted your help in solving this persiting issue.I have a PA4020 in HA mode which is configured in Active-Passive mode. From last few days i am getting the below error

SYSTEM ALERT : high : HA Group 1: Anti-Virus version does not match

SYS

...

u13168 by Not applicable
  • 4144 Views
  • 5 replies
  • 0 Likes

Does PA firewall really support 6in4 tunnel?


I have a free 6in4 tunnel from Hurricane Electric. The tunnel profile inucludes IPv6 Tunnel Endpoints, Routed IPv6 Prefixes and Anycasted IPv6 Caching Nameserver. I used these information to configure a Juniper SSG firewall and it works. I was told b

...

yq by L0 Member
  • 3693 Views
  • 3 replies
  • 0 Likes
  • 24191 Posts
  • 101 Subscriptions
This widget could not be displayed.
Top Solution Authors
Top Liked Authors
Labels