General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

unknown-tcp going out to yahoo servers - pls update applipedia

part of my routine is looking for unknown-tcp and udp connections out. Love the feature.For a while ive seen a good amount of unknown-tcp connections out to yahoo.com domains.Anyone else seeing this?PA: Are you guys looking into this so I dont ahve to screen these IPs out when I do my checks.heres the ranges, they are all yahoo206.190.37.0/24206...

choff123 by L3 Networker
  • 3193 Views
  • 2 replies
  • 0 Likes

Searching Policy for different security profiles

Hi All, Is there a way to search on differentially assigned ( or null ) different security profiles ( AntiSpam / URL / Vulnerability etc ) within a policy ? We use a couple of different vulnerability profiles/URL Filtering profiles within the same policy and its painful not being able to find where they are assigned. Am I missing som...

dpenhall by L2 Linker
  • 3977 Views
  • 4 replies
  • 0 Likes

Resolved! Maximum number of custom app-id's

Hello,Does anyone know what the maximum number of different custom app-id's, that is supported on the different devices?Especially interested in the maximum on the PA-5060Jo Christian

User-ID Agent identifies local PC users so captive portal never kicks in?

I upgraded our PAN from 4.1.x to 5.0.10 and also upgraded the User-ID agent from 3.x to the latest 5.x.We have some rules configured with groups specified and we have captive portal in place and what used to happen was if you came along on a domain joined laptop but were logged on as a local account (so LAPTOPNAME\LocalAccount) you'd get the por...

Dynamic updates ERROR after updated 6.0.0. Why? HELP

HI ALLI updated yesterday software from 5.0.10 to 6.0.0 But after such an error occurredBefore that everything was normalBut after such an error occurredmany reboots, many check updates but the error is stillWHY HOW TO FIX HELP

MRPAM by L1 Bithead
  • 2033 Views
  • 1 replies
  • 0 Likes

Resolved! X FORWARD FOR with USER ID

Hellois it possible to use ip retrieved from the x forwarded header and combined with the user-id.my aim is to filter access per active directorie usergroup, but I have a proxy implemented between the palo and the user device.thank

Gregoux by L4 Transporter
  • 4936 Views
  • 3 replies
  • 0 Likes

Functioning DLP Policies

Has anyone implemented DLP on the Palo Alto firewalls that actually provides consistent results? I am struggling to get even something as simple as a regular SSN# to log and alert every time. I am using the built in regex for SSN and SSN without dashes and have SSL decryption running on the traffic. I will upload 8 or 9 files each with a separat...

tim123 by Not applicable
  • 3079 Views
  • 1 replies
  • 0 Likes

Resolved! Registry entry for Connect Method?

Does anyone know what the registry entry is for changing the "Connect Method" to on-demand? I am trying to push out the GlobalProtect client via WSUS Package Publisher. I am able to do the install and push the "Portal" key in the registry, but don't know what the reg entry is for the Connect Method is. The client keeps popping up until the user ...

Resolved! PANOS 6 Port mirror decryption

heywhere i should get the license mentioned here for enabling this feature• Decryption Port Mirror— Provides the ability to create a copy of decrypted traffic from a firewall and send it to a traffic collection tool that is capable of receiving raw packet captures—such as NetWitness or Solera—for archiving and analysis. This feature is necessary...

minow by L4 Transporter
  • 3673 Views
  • 4 replies
  • 0 Likes

GlobalProtect ip-user-mapping issue

PA-500PAN-OS 5.0.2Hello, we've deployed GlobalProtect with local user authentication (authentication profile = local database), user identification is enabled both on trust and vpnclient zones.Also, user mapping is enabled with UID Agent directly from the firewall.Everything's working fine with vpn authentication, once connected the client shows...

trafic redirection

Hi,I have a PA200 and i want to pass all users by this firewall, include whos connect with wirelesshow can i configure PA to inspect wireless usersthanks in advanceSarah

atelcom by L3 Networker
  • 2981 Views
  • 4 replies
  • 0 Likes

Suspicious DNS Query (generic:msreg.gale.com)(4034267)

I didn't find many about this domain "msreg.gale.com", Could someone help me to determine whether or not a false positvo??In the link below say it is not malware.It's Word 2007 - "Connecting To" Pop-upshttp://social.technet.microsoft.com/Forums/office/en-US/81a9d0a3-667c-4637-8d4d-1957120ec015/word-2007-connecting-to-popups?forum=wordThanks,dicu

SOC_CSG by L4 Transporter
  • 2598 Views
  • 1 replies
  • 0 Likes

Resolved! Blocking page with SSL

Hi in the normal way palo could answer directly to the client device wiht the bloking page when url filtrering match the categorie.but when the application is SSL the palo couldn't answer with the bloking page and reset directly the session.is it possible instead of reset the session to make 302 redirection with and present a bloking pagethank

Gregoux by L4 Transporter
  • 3037 Views
  • 3 replies
  • 1 Likes

Hello community I got a issue that I would like your assistance on

Hello community I got a issue that I would like your assistance on:PAN is passing traffic but its failing to reach the destination point, PAN isn't receiving traffic from destination .customer asked to keep ticket open so, he can check is the destination firewall was blocking all in/out traffic

lhylton by Not applicable
  • 3602 Views
  • 4 replies
  • 0 Likes
  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels