General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 417 Views
  • 0 replies
  • 2 Likes

Resolved! 5.0.2 upgrade question

I want to upgrade from 4.1.7 to 5.0.2, I am currently running Global Protect v1.1.6.. and pan agent user-id agent v4.1.4-3.  Can I perform the upgrade without updating the GP client and user-id agents?

rrau by L3 Networker
  • 2312 Views
  • 2 replies
  • 0 Likes

BGP Dampening Profiles

All,

Does anyone know the CLI command to use to view the dampening profiles status on flapping routes?  There looks like a way to clear the status with clear counters bgp ... but I cannot find the available show command.

Thanks in advance,

Jason

4.1 series GUI dashboard

I have one box presently on 4.0.8 and one on 4.1.1. If I compare the dashboards, the 4.0 series one has the dates in the widgets in an international format (2012/01/12), which I have no trouble with. The 4.1 has the widget dates in a partial American

...

Resolved! DHCP / DHCPD server stopped working 5.0

PAN OS 5.0

App Version 342-1602 (12/04/12)

Uptime 22 days


PAN-OS DHCP server stopped working today (worked earliar only change wildfire & global protect updates)

DHCP server status shows it is not enabled although configured.

<says not configured>

admin@PA

...

jkim2 by L3 Networker
  • 5946 Views
  • 7 replies
  • 0 Likes

Agentless User-ID with PAN5.x - AD Configuration

I have read the tech article "How to Configure Agentless User-ID in PAN- OS 5.0.x"

I'd love to see this document broken into two docs - one that I can send out to customers to prepare for POC - the AD user account setup portion without the PAN firewal

...

cindyb by Not applicable
  • 4392 Views
  • 6 replies
  • 0 Likes

CP Policy

I'm trying to setup a captive portal and authenticate users via a user certificate, but I cannot get it to work in 5.0.1.

I already have a client certificate profile created but which setting do I need in the CP policy (action):

web-form => does not wo

...

loosj by Not applicable
  • 3368 Views
  • 6 replies
  • 0 Likes

User Identification Agent Capacity

In your Pan Agent 2.1 documentation you did an excellent job of documenting User Identification from start to finish. I have yet to see one document such as this for 3.1.

Please reference page 7 of the Pan Agent 2.1 document and confirm or correct wh

...

Email Security

Is there a way for the PA firewalls to monitor scam email? For example, email that looks legitimate but has manipulated links (again that look legitimate) taking you to a redirected website that is malicious in nature? Is there a way the PA can monit

...

Resolved! PA-500 Virtual Wire implementation (HA)

I am planning a deployment of two PA-500's for just Threat Prevention and URL monitoring.  I am working through the best way to do it for physical cabling and figuring out where everything should go.  I would also like to use the Active Directory int

...

Application Group for DC to DC communication

I have 2 domain controllers across 2 dmz's and i need them to talk. I have a list of ports I want to open but I want to keep it neat and create a application group. I dont see an easy way to search applications by ports.

Does anyone have a list of PA

...

jhickey by L3 Networker
  • 3010 Views
  • 3 replies
  • 0 Likes

Resolved! Why do "incomplete" sessions show as "allowed"

Hi.

I've got some pretty specific firewall rules for machine in our DMZ, and I noticed some intriguing log entries while checking into an (unrelated) issue today.

I get a log entry which reads like this

02/27 11:42:30      end     outside     DMZ     <s

...

darren_g by L4 Transporter
  • 30766 Views
  • 14 replies
  • 1 Likes

Blocking via file extension (Text only)

Am I able to block via file extension, the text file extension ony, without any inspection and/or identification by the Palo Alto unit?

I want to block jar files but the PA keeps telling me they are zip files and then allows them. I would like to bloc

...

choff123 by L3 Networker
  • 4663 Views
  • 5 replies
  • 0 Likes
  • 23695 Posts
  • 110 Subscriptions
Top Solution Authors
Labels