General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Threat Vector, a Unit 42 Podcast, is Now on LIVEcommunity!

We have some exciting community news to share: Threat Vector, a Unit 42 podcast, is now on LIVEcommunity!

 

Threat Vector is your compass in the world of cyberthreats. Listen to this biweekly podcast to learn about unique threat intelligence, cutting

...

jforsythe by Community Team Member
  • 322 Views
  • 0 replies
  • 0 Likes

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question. Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

JayGolf_0-1691518400714.jpeg
JayGolf by Community Team Member
  • 3678 Views
  • 2 replies
  • 14 Likes

connection interrupt

Hi,

An internal application is used for databese.It's default port is 5520

when we saw this behaviour we wrote an application override rule for that tcp port and named a new application.

after that we saw issue behaviour not changed(user is disconnectet

...

panos by L6 Presenter
  • 1387 Views
  • 1 replies
  • 0 Likes

Destination NAT question

In this document is described how the NAT function at the Palo Alto.

https://live.paloaltonetworks.com/docs/DOC-1517

Has anything changed in the 5, in contrast to 4.1er?

So far, the destination NAT zone was generally on the incoming interface as the sou

...

register by L1 Bithead
  • 1685 Views
  • 2 replies
  • 0 Likes

Resolved! Revert Panos

Hi,

when we revert to 5.0.5 from 5.1.0 using maintenance mode (Panorama)

will we lost all logs ? and config ?

Thanks.

panos by L6 Presenter
  • 1785 Views
  • 2 replies
  • 0 Likes

GlobalProtect clients logged as PA MGMT

Looking through my logs today and I noticed that connections initiated by clients using GlobalProtect are being logged as sourcing from the PA management interface. Is this expected/intended behavior?  Shouldn't the log show the clients IP address?

Resolved! Data pattern

HI all

I tried to created a data pattern with a regex like in the pan 205 training course.

(Classified)|(CLASSIFIED) and this seams to be not working.

and the workaround that I found is to create in the data pattern 2 pattern

first : Classified

second :

...

Gregoux by L4 Transporter
  • 2094 Views
  • 2 replies
  • 0 Likes

Strange URL request in botnet

Hi all,

This morning, spending some time on my palo report and in botnet report there is many alert concerning repeted request to "84.39.153.31/SpamResolverNG/SpamResolverNG.dll?DoNewRequest"

Does someone know what it is ? Is it part of Microsoft emai

...

VinceM by L5 Sessionator
  • 1748 Views
  • 2 replies
  • 0 Likes

Resolved! Migration from Netconnect to GlobalProtect

Hi,

We have a PaloAlto PA-2020 pair (active / passive) with PAN OS 4.0.14 and a lot of laptops with Netconnect installed.

As we have been experiencing problems with Windows 7 64 bits when installing Netconnect we have planned to update

PAN OS to the lat

...

Dns vulnerability

Hi,

is there a way to block

DNS Cache Poisining

DNS Server Spoofed Request Amplification DDoS

with Paloalto ?

panos by L6 Presenter
  • 1444 Views
  • 1 replies
  • 0 Likes

URL Allow List filters are not functioning as documented.

URL filter is great when working with Categories, but when an exception is published in the allow list there are catches and exceptions.:smileyconfused:

We block-continue Streaming Media, which contains Youtube, which we want to allow users access to

...

allens by Not applicable
  • 3113 Views
  • 3 replies
  • 2 Likes

IP to user mapping unreliable

Situation: PC connected to our domain. Domain users log on to it. Domain users have internet access.

The same PC is used for assessments. These (external) users log on with a local user account (not known as a domain user). These users are not allowed

...

dieter_b by L4 Transporter
  • 12714 Views
  • 32 replies
  • 0 Likes
  • 24192 Posts
  • 100 Subscriptions
Top Liked Authors
Labels