General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! SSL decryption - Forward UNtrust certificate presented

Hello,

We experienced a problem with a specific SSL encrypted site: https://panakeia.infoman.de/

The original certificate is issued to "*.infoman.de" and was issued by Go Daddy (--> InfomanCert_Original.png). It seems to be perfectly valid but still ou

...

oschuler by L4 Transporter
  • 5248 Views
  • 7 replies
  • 1 Likes

Custom Report Problems

We are trying to set up our reporting to pull in groups from active directory and then send out emails to the managers of those groups.  I think I have the configuration correct but am getting random numbers of lines returned in the result(obviously

...

rhawley by L0 Member
  • 891 Views
  • 0 replies
  • 0 Likes

JS/Trojan.iframe virus?

Hello,

I'm seen hits for the JS/Trojan.iframe virus only since last Wednesday or Thursday.  Have seen them associated with three different websites.  I suspect false positives.  Anyone else out there just started seeing these?  Was the virus definitio

...

schaleg2 by L0 Member
  • 2558 Views
  • 7 replies
  • 0 Likes

SSL VPN and iPhone OS 4.0

I was looking at the new specs for the 4.0 code of the iPhone OS, and saw that they were opening up the SSL VPN function to Juniper and Cisco.

Any chance Palo Alto is working on a NetConnect app for the iPhone?

http://www.apple.com/iphone/business/prev

...

mharding by L4 Transporter
  • 18240 Views
  • 58 replies
  • 0 Likes

QoS for Microsoft Lync

We are starting the initial rollout of Microsoft Lync clients.  Has anyone setup QoS for Lync on the Palo Altos?  Any issues to look out for that anyone has run into?  We have 6 sites that will eventually have Lync clients and I want to make sure the

...

dan_mc by L0 Member
  • 1620 Views
  • 1 replies
  • 0 Likes

Resolved! PBF for Torrent Traffic

I am trying to establish a policy to send all traffic based on bittorrent through a specific ISP.

However, when I add any application under the destination application, I get the error: application 'bittorrent' is not an allowed keywordapplication 'bi

...

rsaber by L1 Bithead
  • 1148 Views
  • 1 replies
  • 0 Likes

Resolved! How real-time is User-ID?

Kind of as per the subject really.  I'm interested in using User ID so that only authenticated users have internet access, but I'm not sure quite how "real-time" it is?

  • Someone comes in and switches on a computer, logs onto the domain, tries to browse
...

Screencast-O-Matic issue

Has anyone used Screencast-O-Matic and come accross the following issue

when a normal user tries to use the java based browser plugin they are blocked from using it (palo alto doesnt show a block). from looking at our external firewall filters it seem

...

d_ballam by Not applicable
  • 1407 Views
  • 0 replies
  • 1 Likes

Resolved! meaning of source-user pre-logon

Hi,

Can anyone explain what the option "pre-logon" means as a value for source-user in a security policy?

I can't find anything about it. Not in the build in help, the admin guide nor the CLI reference.

nwsol by L2 Linker
  • 3693 Views
  • 5 replies
  • 0 Likes

Peer identifier for azure is required to be set

I have got a tunnel set up successfully to Azure but have had to specify the peer identifier by IP address which will not be very stable.  Azure support advise that the peer identifier set by azure is dynamic and that some firewall vendors (Cisco, Ju

...

Slow download for Metasploit Updates

I have question and I am not sure if I am posting this in the right place. I am also new to Palo Alto firewalls. I have a lot of experience with Cisco and SonicWall so you'll have to excuse me if I sound a little ignorant concerning Palo Alto at the

...

about user-id info

Hi All,

Is any one knows, what is the correct information that should be selected in the Poliies -> Security -> Source User columns, ldap format(e.g  cn=users,dc=abc,dc=com) or abc\users?

I can see the format in the command line with command " show use

...

Resolved! Maximum profiles on PA-500?

We recently received an error on our machine that says:

"Number of profiles exceeds vsys capacity (50)". 

Is 50 a hard limit or is there a configuration somewhere to increase this number?  We don't see anything in the documentation about max profiles

...

garret by Not applicable
  • 1455 Views
  • 2 replies
  • 0 Likes
Top Liked Authors