General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! Web Management DOWN?

Hi,We are trying to look at the ACC tab, but we receive "No Matching Records" in all te categories:I tried to restart the web-management, but I received this error: admin@PA> debug software restart management-serverProcess 'mgmtsrvr' executing RESTARTDec 06 12:35:16 Error: pan_read_full(comm_utils.c:97): srvr: fatal recv error. sock=3 err=Co...

ecardona by L1 Bithead
  • 3636 Views
  • 3 replies
  • 0 Likes

NAT Over IPSEC VPN

Hi,I am facing a problem with NAT over IPSEC VPN.I am trying to configure the NAt for incoming traffic from the client over a site to site VPN and basically i want to do a destination translation of the IP they access to my internal server IP.The Client is in VPN zone and my server sits in the DMZI configured Rule like thisSource zone(VPN)-Sourc...

Resolved! Deny internet access by OS

hi there,is there a possibility to create a rule to deny internet acces by specific os?i want to disconnect a large set windows xp clients from the internet, but allow access fo win7 clients.thank yousascha

skemena by L1 Bithead
  • 3420 Views
  • 2 replies
  • 0 Likes

Resolved! Equal Metric Default Route using a Single Virtual Router (Single ISP Providing 2x Internet Circuits)

We are in the process of replacing an internet facing Check Point (NokiaIP560) deployment with Palo Alto (PA-2050) running PAN-OS 5.0.9.The current checkpoint deployment has two equal cost default routes to the upstream providers routes. These two next hop IP addresses are the multi-group VRRP IP addresses to achieve outbound load sharing. Bel...

Smi12 by L2 Linker
  • 10473 Views
  • 3 replies
  • 0 Likes

Resolved! Can't find where an SSL cert is in use

I'm trying to delete an SSL certificate from a Palo Alto cluster I'm setting up via Panorama. It tells me the cert cannot be deleted due to this reason:because of references from:template -> {firewall cluster name} -> config -> devices -> localhost.localdomain -> vsys -> vsys1 -> captive-portal -> server-certificateI rem...

Issue in the syslog message format in Palo Alto 6 beta 1

Hello,I am currently on Palo Alto v 6.0.0-b23 and facing an issue with the format of syslog message.if we pass the same malicious file through Palo Alto device, syslog message forwarded by Palo Alto v5.0.6 and v6.0 beta are different. Palo Alto 5.0.6 forwards threat name and ID while Palo Alto 6 beta forward threat ID twice. Log on Palo Alto 6.0...

NHorsch by L1 Bithead
  • 2281 Views
  • 1 replies
  • 0 Likes

Detecting / mitigating Cryptolocker

Hello,my customer is worried about Cryptolocker infections in the network - CryptoLocker Ransomware Infections | US-CERT. Do you happen to have any best practices or general tips on how to use PAN tools to detect and prevent Cryptolocker from infecting hosts? Cheers, Tuomo

Tuomo by L1 Bithead
  • 4559 Views
  • 5 replies
  • 0 Likes

Can Nested Groups be used in the PAN (when using Group-Mapping)?

Hello, We are on PAN-OS 5.0.8 and use PA-5050, PA-5060, PA-200 (test boxes) and PA-3020's. We use the User-ID Agent running on VM servers. I have a couple questions, 1) When the PAN "loads" the group membership from our LDAP instance... we get the users that are part of the AD Groups we have "Group-Mapped"... Which is good and as expect...

Art by L3 Networker
  • 6118 Views
  • 1 replies
  • 0 Likes

Resolved! pdf summary report

I am having trouble finding how I would run a pdf summary report for a specific time period. If you click the summary report and then the date it generates for that day.Am I able to do this for the previous month?Thanks

haigroup by L1 Bithead
  • 3653 Views
  • 3 replies
  • 0 Likes

Resolved! Using Regex search in Monitor Tab

I want to make a search string with regular expression in Monitor tab --> TrafficLike that ( addr.src in (192.168.*?) ).If I have any miss syntax, please help me.Any document for Regular expression for searching in pan, please show me

Resolved! How to setup SSO on a Microsoft Surface PRO

Hi,We're using GlobalProtect client on many workstations. GP Agent is configured in SSO mode. This work flawlessly on Windows XP, 7, and some Windows 8 Pro PCs and tablets.I just got a brand new Microsoft Surface Pro running Windows 8 Pro 64 bits. For some reason, SSO won't work with this tablet. It looks like credentials are not sent to the GP ...

PatrickD by L1 Bithead
  • 4772 Views
  • 4 replies
  • 0 Likes
  • 24403 Posts
  • 123 Subscriptions
Top Solution Authors
Labels