General Topics
cancel
Showing results for 
Search instead for 
Did you mean: 
General Topics

Discussions

Join Us for a Tech Deep Dive Miniseries!

 

Stop Zero-Day Threats in Zero Time with Nebula PAN-OS 10.2.

 

Join us live for an in-depth look at the latest advancements in cybersecurity, best practices, tips and tricks, demos and
more to protect your business and defend against threats in real

...

nebula-on-demand-tech-deep-dive-miniseries-live-community-banner-2600x600.jpg
jforsythe by Community Team Member
  • 465 Views
  • 3 replies
  • 1 Likes

Resolved! Palo-Alto and Cisco WAAS

Hello,

We are migrating to a Palo-Alto 4020 cluster from our PIX firewall cluster. I have a question regarding Cisco WAAS and WCCP v2 traffic. The front end router redirects to a Cisco WAE via WCCP services 61 and 62. Both WCCP and the WAE mark the o

...

Dual ISP, PBF and DMZ

Hello.

I have a specific question about certain situation. There is a customer with 2 ISPs, let's call them ISP1 and ISP2. Customer has a single PA device to which both ISPs are connected. Each ISP provides a block of public IP addresses which are rou

...

santonic by L5 Sessionator
  • 2864 Views
  • 11 replies
  • 0 Likes

Maximum number of UserID Agents for 4.1.x ?

Whats the maximum number of UserID agents that can be configured to talk to the firewall ?

ie. Will the firewall complain if we have 200+ userID agents configured to talk to it?

I know each agent can monitor a maximum of 100 domain controllers.. but ho

...

ucteam by Not applicable
  • 2085 Views
  • 10 replies
  • 0 Likes

static routes

Hi

I have 4 interfaces;

eth1/1 = sub1 -> 10.10.1.1/24

eth1/2 = sub2 -> 10.10.2/1/24

eth1/3 = mpls -> 10.10.3/1/24

eth1/8 = wan -> x.y.z.w

default router on all interfaces

but now I need to route all 0.0.0.0/0 traffic from sub1 over the MPLS (10.10.3.10) and

...

FlexyZ by L3 Networker
  • 1483 Views
  • 6 replies
  • 0 Likes

Application-based DoS capabilities?

I am seeing several atempts by the same IP address utilizing t.120 to connect via port 3389 to the various Windows Servers that I have with external IP addresses (and, yes, some are actual Terminal Servers).  I would love to be able to configure a th

...

mmartin by L1 Bithead
  • 1393 Views
  • 3 replies
  • 0 Likes

Resolved! Session Clearing

I have a PA-500 Firewall.  I am trying to test some policies, however, when I add and remove users from groups, the Palo Alto isn't picking this up fast enough.  Does anyone know the command line to clear out a session from the Palo Alto so it will r

...

kaysun by L1 Bithead
  • 1467 Views
  • 3 replies
  • 0 Likes

Resolved! Panorama Distributed Certs

Am I going mad, or can anyone else not actually use certificates imported in Panorama and then distributed to end devices?

Once I have pushed these to PA's I cannot seem to apply them to 'functions' via the GUI or the CLI.

Using the same certificate up

...

apackard by L4 Transporter
  • 1087 Views
  • 3 replies
  • 0 Likes

Need to logout/login to see new signatures?

I think I may have found a bug with PANOS 4.1.1 on PA-5050s where the WebUI will not display new signatures until the user has logged out and logged back in again.

I left a browser (Firefox 10) logged in for several days, using it just enough that the

...

Mack by L2 Linker
  • 814 Views
  • 2 replies
  • 0 Likes

SSL decryption notification response page. Don't load !

Trying to set up SSL decryption these are the steps ive done:

* Configured SSL decryption rules

* Installed certificated on FW

* Installed cert on client computer with gpo, (yes it removed my warnings about saftey)

But it won't warn the user with the res

...

Create an App-ID for YouTube in the context of facebook

HI guys I am trying to create a custom App-ID to identify Youtube in the context of facebook, I would like to use this for a possible App QoS.

Dependency is youtube from facebook but defining youtube app in the context http-host-header is too complex,

...

Importing Configuration from Fortinet

Hi,

I'm experiencing a problem for importing configuration file from a cluster Fortinet 310B. After conversion, i try to load the file, and i recieve a message "File pan_conversion_l3.xml is malformed". I have tried to compare with the first configura

...

Web Browsing

Hi

We're about to install the web filter licence for the PA. Our current system is a proxy configuraiton via websense. Now that we're going to use the PA for web filtering is the best practise to create a security rule allowing all internal PCs direct

...

djrodb by L3 Networker
  • 725 Views
  • 2 replies
  • 0 Likes

Resolved! Block page for vulnerability protection

I have been testing the security profile for vulnerability protection.  I set the action for all critical threats to block. What should I expect to see on the user computer screen if a site does contain a critical threat recognized by Palo Alto?  Sho

...

oshcomp by Not applicable
  • 1419 Views
  • 3 replies
  • 0 Likes
Top Liked Authors