General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! Threat Log filter by 'Name' field

I've got a potential client that is trying to filter the threat log by the threat 'Name' field. He wants to see all from a specific threat.Normally you click on the item and it puts it in the filter bar but here when you click on the name you get a pop up with the details on that threat. I've tried a bunch of combinations and can't find anythi...

icmp redirect support

Hello,simple question:Does PA devices send / support icmp redirect ?Use case:PA device is the default GW for local LAN subnet (A).PA device has a route to an another subnet (B). The next hop is on his LAN Interface.Local Clients devices has only a default GW to PA LAN Interface.From my understanding and some tests:PA device does not send ICMP re...

glebon by Not applicable
  • 7784 Views
  • 3 replies
  • 0 Likes

Resolved! Licence problem with Iphone/Android GlobalProtect client

Hi,In our university, we have two PA-5020 (PANOS 5.0.5) with VPN service configured in actif/passif mode.We don't have gateway and portal licences activated, as we only need one GlobalProtect portal and one GlobalProtect gateway.Users with Windows or Mac OS can connect with the GlobalProtect client without any problem.However, with the new Globa...

cnamurdc by L1 Bithead
  • 5034 Views
  • 2 replies
  • 0 Likes

How GP selects between SSL and IPSEC?

Hi,I have recently noticed that most of my VPN users with Global Protect are connected with IPSEC.Before that, two or three weeks ago, they were mostly connected with SSL.How can it be like that?Is it related to some parameters on our PA-5020 (PAN-OS : 5.0.5)?Thanks for your help.Regards,Sylvain Fouqueray

cnamurdc by L1 Bithead
  • 12100 Views
  • 3 replies
  • 0 Likes

Resolved! Trying (still) to understand Wildfire

I got two files sent to me for analysis and I ran them through Wildfire to get a verdict...Unfortunately im still not comfortable with what Wildfire thinks is a malware and what me (and obviously the rest of the world) belives is a malware...Could perhaps somebody from PaloAlto themselfs (or somebody else) explain to me why both files have the v...

mikand by L6 Presenter
  • 7108 Views
  • 7 replies
  • 0 Likes

User ID from eDirectory, multiple IPs per user

Hi,for identifying users on an PA-3020 with PAN-OS 5.0.5 I use a combination of reading the information from eDirectory, XML-API and captive portal.I am now facing the problem that users which use different computers at the same time with their user account which is authenticated against the eDirectory (for example one at their workplace and ano...

Resolved! Panorama 5.1 on VMWare Workstation 9.0

Has anyone got it to work?I need to prototype a configuration for a customer who wants to move to 5.1, and all I have access to is VMWare Workstation 9.1. I thought that would not be a problem, but perhaps it is? I'd be working within the 30 day trial window.Firstly, whenever I try to import the OVF file, I receive a message saying that the file...

PA 4020 and PANOS 5.0.6 dataplane CPU spikes: anyone else seeing this?

We upgraded our PA 4020 to PANOS 5.06 (thankfully it's only in tap mode, no traffic is running through it). Our PA 4020 is kind of our "canary in the mine" so to speak when it comes to upgrades, and maybe having that implementation is proving itself out right now.Anyway, has anyone see dataplane CPU spikes on 5.0.6? See the nice little spikes on...

Resolved! Global Protect stuck on Connecting

On some workstations, the Global Protect client (latest 1.2.4) will not connect. If I re-install the client it begins working and then 2 days later will continually show Connecting in the taskbar until the client is re-installed again. Right now I have a mix of this happening on WIndows XP 32-bit, Windows 7 32-bit and Windows 7 64-bit. Some s...

nthen by L3 Networker
  • 14181 Views
  • 5 replies
  • 0 Likes

logged in admin count Panorama

Hi,how can we see the admins already logged in to Panoramawhen we use show admins or Dahsboard it is hard to count.There are many admins we just need number of admins logged in realtime.

Resolved! No logs in wildfire log section on device- PAN OS 5.0.3

Hi ,Even we have the valid wildfire subscription, not able to see any logs in wildfire logs in device but in the data-filtering logs for some exe files it is showing wildfire-upload-success ( means file has uploaded to wildfire cloud for analysis).I executed the commands >test wildfire registration - showing registered ...

Gururaj by L4 Transporter
  • 4177 Views
  • 3 replies
  • 0 Likes

Resolved! VPN user cannot access another network segment

Hi AllI just established a VPN between two sites. the user over the site has no issue contacting my LAN IP segment (172.20.4.X) and but they just couldnt access to another of my LAN IP segment (172.20.6.x)I have check under the virtual router that segment was already included. did I miss out on something or where should I be looking at?Thank for...

RIS by Not applicable
  • 3722 Views
  • 3 replies
  • 0 Likes
  • 24400 Posts
  • 123 Subscriptions
Top Solution Authors
Labels