General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! Using application-default with application override

According to product help for application-default: The selected applications are allowed or denied only on their default ports defined by Palo Alto Networks. This option is recommended for allow policies because it prevents applications from running on unusual ports and protocols, which if not intentional, can be a sign of undesired application ...

nthen by L3 Networker
  • 10452 Views
  • 6 replies
  • 0 Likes

Virtual-Wire Link Aggreagaion

HelloI installed about virtual-wire link aggregation. (image1.png & image2.png)all members of 'ae1' are ethernet 1/3 , 1/5 , 1/7.all members of 'ae2' are ethernet 1/4 , 1/6 , 1/8.all members of 'ae2' was disconnected when I had removed ethernet 1/3. (image3.png)They was connected after 5 seconds.(image4.png)The device is enabled link state p...

Troubleshooting Shotetel Communicator over GlobalProtect

I am wondering if anyone has successfully setup Shotetel Communicator (softphone) using the GlobalProtect VPN client? I am working with a company who up until last week was successfully using the Shoretel Communicator through their Sonicwall's VPN client. Upon switching over to the Palo Alto with GlobalProtect, the softphone breaks. Soem func...

njoyzrd by L1 Bithead
  • 5572 Views
  • 5 replies
  • 0 Likes

Can anyone tell me how to get the botnet to display for a superreader?

We have a group that would like to review threats, including botnets... We have created accounts providing them superreader access but the botnet selection is not on the monitor screen...I also tried creating an Admin Role giving them ReadOnly access to everything when possible, Enable access to report items including Botnet but disabling Commit...

jraleigh by L1 Bithead
  • 2692 Views
  • 3 replies
  • 0 Likes

Related Logs in Traffic Log - no URL-Filtering?

Hi,isn't the "Related Logs" field in the details of a traffic log entry supposed to list logs from other logging categories like URL-Filtering or Data-Filtering as well? I only seem to get other traffic logs in the related log field. Example:* outgoing web-browsing is allowed, logging is turned on* URL-filtering is in place, logging is turned on...

User-ID and Windows clients running GPO's with another useraccount !

Hi ppl !We have a problem regarding User-Id and the security log from windows AD. Normally when the user logs in on a windows pc and connect to AD, the USer-Id and ip > username maps correct.The problem occurs when a "GPO" on the client starts up with system privilegies and another user account (administrator rights account). These gpo's run...

Multi Virtual system

On a production PAN device if I want to create a new virtual system but I didn't enable the multi virtual system capability option intially would I be able to create a new one with disrupting the production network. The reason I'm asking this is when you create a virtual system all your configurations are tied upto the virtual system name. If I ...

Resolved! "No matching record" in ACC after initialy using the PA-device

Hi, Today we start using the Palo Alto device. Being one of its beneficial features, the Application Command Center provides a quick Birdseye view upon network visibility. Initially, we could drill down into (eg) Top Applications, in order to find out the top ip sources. After some 6 hours, this fine grained information seems not to be availa...

wimjuste by L1 Bithead
  • 9885 Views
  • 10 replies
  • 0 Likes

Graphical traffic monitoring...

Hi,We have a PA500 box running 4.1.11 software.Formerly we used pfsense enjoying RRD graphing of traffic amount on the different interfaces. We display network information on a big monitor outside our office. Does anyone here use some thirdparty software to achieve this with PAN boxes? We don't need all the bells and whistles, and it should be...

Panorama Adaptive Objects

I have several PAN firewalls that I now manage individually and have recently purchased a Panorama appliance in the hopes of making it easier to manage common policies.We have two sites that will need identical rules but with different IP's referenced in the rules. I come from a background of using McAfee CommandCenter and in their terminology ...

cjr222 by Not applicable
  • 3077 Views
  • 3 replies
  • 0 Likes

Unblock Skydrive Uploading feature

Hello, how would I go about unblocking the ability for uploading to skydrive? Currently our clients can use all of the main features of skydrive while in the browser with the exception of uploading. I recently read an article in regards to skydrive-uploading. Does this feature need to be allowed?

to NAT pool or not

Hi all,We have a brand new 2050 that is going to be used to support a school district with about 5000 students.... so we expect, eventually, to have about 5000 to 6000 hosts going out to the internet. And we have access to a full class C public block.The question that I have is: should we set this PA2050 to use a NAT pool or would setting it as...

marsan by L0 Member
  • 6899 Views
  • 7 replies
  • 0 Likes

QoS in specifig configuration

HelloMy network looks:ISP (25Mbit symmetric) is connected to Juniper SSG-140 with two interfaces:- A- B Behind B there is PA200 and two serwers connected by switch to B interface of SSG.I have to use QoS on SSG. I put 25Mbit limit on untrust interface, and 10Mbit limit on A interface.On B I try to use policy base QoS.Question is how to set DSCP ...

_slv_ by L4 Transporter
  • 3791 Views
  • 4 replies
  • 0 Likes

Resolved! Drive sharing happens when connecting a windows machine via RDP using MSTC client. How to block that?

When connecting a windows machine via RDP using mstsc client, we have an option to share the local resources like printer, clipboard, etc. By this way we can able to share the local hard disk drives with the remote machine that we connect to. Upon connecting, our local drives are shown as the network drives on the remote computer. I noticed two ...

VinothV by Not applicable
  • 5316 Views
  • 3 replies
  • 0 Likes
  • 24401 Posts
  • 123 Subscriptions
Top Solution Authors
Labels