General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Building a custom signature

Hi there,

I have some DVR CCTV cameras on some other sites that I need to be able to view within my network behind the PA box. At the moment I have been able to get them access by doing a security rule allowing access from certain users/IP's to the IP

...

JRussell by L3 Networker
  • 1041 Views
  • 1 replies
  • 0 Likes

Troubleshooting AD (LDAP) auth

Hi,

I'm trying to setup my PA-5050 with PANOS 4.1.6 in a multi-tennat environment.

I have different vsys (more or less one for each tennant). What I want to do is provide VPN access (Global Protect) using LDAP auth to each vsys using the AD servers con

...

u16788 by Not applicable
  • 1367 Views
  • 0 replies
  • 0 Likes

Resolved! How to unblock "Virus Download Blocked"?

A client want to download a exe file from a bank website to log into its online banking system, however she got the following message after she clicked download link "http://www.cmbc.com.cn/download/民生个人网银安全控件.exe".

Is there anyway to unblock the spec

...

yq by L0 Member
  • 6214 Views
  • 2 replies
  • 1 Likes

getting pan apps description like in gui

Hi,

In PA, we can get a description of an apps in Objects>appliactions> then click on an apps.

But there is a way, with a CLI, to get the same description for all applications?

I have seek it on PA site, but failed to find something.

I need this for a ma

...

Resolved! URL Filter - Block one and log the rest

On a PAN with no BrightCloud license, you can still use the URL filtering "Block" and "Allow" lists. Right now I use that feature to have a "log-all" URL filtering policy where I have "*" in the block list and an action of "alert." But now I have one

...

cosx by L2 Linker
  • 2024 Views
  • 3 replies
  • 1 Likes

Exporting Security Policies

One of our PCI Compliances is to have a record of the firewall rules, and review them once every six months. My Director likes to have them in a Excel Spreadsheet. Since the beginning, we have went from 79 policies to just about 200 policies, and cop

...

mharding by L4 Transporter
  • 2720 Views
  • 2 replies
  • 0 Likes

Scheduled Log Export Failure


I have Scheduled Log Export but it's failing.  The system log reads "Failed exporting traffic log via ftp (last-calendar-day)".

If I run the export command via CLI, it runs successfully.

>ftp export log traffic start-time equal 2012/11/28@00:00:00 end-

...

MLaden by Not applicable
  • 1866 Views
  • 2 replies
  • 0 Likes

Resolved! OSPF A/P HA Config with Floating Static Routes

I am trying to understand the sample OSPF Active/Passive HA configuration outlined in Tech Note: How to Configure OSPF  https://live.paloaltonetworks.com/docs/DOC-1939 .   The problem I have is with the floating static routes defined on upstream and

...

oshcomp by Not applicable
  • 3005 Views
  • 1 replies
  • 0 Likes

Problem when run custom report in OS 5.0

Dear all,

I set custom report as below:

Then I run this report, but after a period of time I saw this message:

It random happen when I run in 3 severity query (critical, high, medium) and only in OS 5.0. I tried to downgrade to 4.1.8 and it run normally

...

nguyenma by Not applicable
  • 769 Views
  • 0 replies
  • 0 Likes

Dynamic block lists - possible xml config corruption

We recently upgraded to 5.0 and one of the first things I wanted to try out was the dynamic block lists.  I set up 4 block lists (dshield, zeus tracker, palevo tracker, spyeye tracker) and tested to make sure the URLs were accessible.  I rec'd the me

...

sconley by Not applicable
  • 1401 Views
  • 2 replies
  • 0 Likes

Hostname used for logon

I have a customer that is trying to use the hostname when browsing to the Palo to logon. They get to the logon page just fine, but after they enter their credentials and hit enter, the page goes to grey and just sits there. If the customer used the m

...

cdamore by L1 Bithead
  • 1228 Views
  • 2 replies
  • 0 Likes

Management is still terrible

We've been using this platform for over a year now and the interface is not great to say the least. It takes no less than 30 minutes to make the most basic change. Is anyone else feeling the pain? Our SE is useless. Please create a Java client to rem

...

Resolved! Captive Portal Configuration

I have read over the document on how to configure the captive portal. Maybe I am missing it, or having a senior moment, but I am little puzzled.

What I want to do is make sure when we have guests, vendors, salespeople etc, connect their device to our

...

Top Solution Authors
Top Liked Authors