General Topics

Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 194 Views
  • 0 replies
  • 0 Likes

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 877 Views
  • 0 replies
  • 0 Likes

Resolved! OCSP service route?

Question: What service route does the PA take for his OCSP requests?

Since we can not choose anything under the service routes, I suppose it will use the management as default...

Is there any way to change this to some other interface?

Linus

mr.linus by L4 Transporter
  • 6796 Views
  • 8 replies
  • 0 Likes

connectivity issue when firewall HA failover

Did anyone encounter such issue?

We noticed that whenever the firewall triggered a failover (FW1 to FW2).

external services seem to be disrupted.

eg1 :Gomes monitoring informed of connection/performance issues (though we test from some countries to be

...

ateo by Not applicable
  • 3559 Views
  • 5 replies
  • 0 Likes

SSH2 Login Attempt - ID 31914

Name:SSH2 Login AttemptID:31914Severity:Description:This alert indicates a login attempt against the target SSH server. If there are too many login attempts, then it may means an attack is try to brute-force user name and password.

I don't know who wr

...

rroberts by Not applicable
  • 8663 Views
  • 2 replies
  • 0 Likes

Resolved! AD Policy

In Active Directory, we have a policy that requires all users to change their password every 90 days.. we have it configured to prompt within the last 15 days of expiring.. this is not happening for Global Protect users..the user gets stuck in a loop

...

rrau by L3 Networker
  • 3152 Views
  • 6 replies
  • 0 Likes

connection interrupt

Hi,

An internal application is used for databese.It's default port is 5520

when we saw this behaviour we wrote an application override rule for that tcp port and named a new application.

after that we saw issue behaviour not changed(user is disconnectet

...

panos by L6 Presenter
  • 1647 Views
  • 1 replies
  • 0 Likes

Destination NAT question

In this document is described how the NAT function at the Palo Alto.

https://live.paloaltonetworks.com/docs/DOC-1517

Has anything changed in the 5, in contrast to 4.1er?

So far, the destination NAT zone was generally on the incoming interface as the sou

...

register by L1 Bithead
  • 2036 Views
  • 2 replies
  • 0 Likes

Resolved! Revert Panos

Hi,

when we revert to 5.0.5 from 5.1.0 using maintenance mode (Panorama)

will we lost all logs ? and config ?

Thanks.

panos by L6 Presenter
  • 2182 Views
  • 2 replies
  • 0 Likes

GlobalProtect clients logged as PA MGMT

Looking through my logs today and I noticed that connections initiated by clients using GlobalProtect are being logged as sourcing from the PA management interface. Is this expected/intended behavior?  Shouldn't the log show the clients IP address?

Resolved! Data pattern

HI all

I tried to created a data pattern with a regex like in the pan 205 training course.

(Classified)|(CLASSIFIED) and this seams to be not working.

and the workaround that I found is to create in the data pattern 2 pattern

first : Classified

second :

...

Gregoux by L4 Transporter
  • 2514 Views
  • 2 replies
  • 0 Likes

Strange URL request in botnet

Hi all,

This morning, spending some time on my palo report and in botnet report there is many alert concerning repeted request to "84.39.153.31/SpamResolverNG/SpamResolverNG.dll?DoNewRequest"

Does someone know what it is ? Is it part of Microsoft emai

...

VinceM by L5 Sessionator
  • 2179 Views
  • 2 replies
  • 0 Likes

Resolved! Migration from Netconnect to GlobalProtect

Hi,

We have a PaloAlto PA-2020 pair (active / passive) with PAN OS 4.0.14 and a lot of laptops with Netconnect installed.

As we have been experiencing problems with Windows 7 64 bits when installing Netconnect we have planned to update

PAN OS to the lat

...

  • 24011 Posts
  • 115 Subscriptions
Top Solution Authors
Top Liked Authors
Labels