General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

User-ID and Windows clients running GPO's with another useraccount !

Hi ppl !We have a problem regarding User-Id and the security log from windows AD. Normally when the user logs in on a windows pc and connect to AD, the USer-Id and ip > username maps correct.The problem occurs when a "GPO" on the client starts up with system privilegies and another user account (administrator rights account). These gpo's run...

Multi Virtual system

On a production PAN device if I want to create a new virtual system but I didn't enable the multi virtual system capability option intially would I be able to create a new one with disrupting the production network. The reason I'm asking this is when you create a virtual system all your configurations are tied upto the virtual system name. If I ...

Resolved! "No matching record" in ACC after initialy using the PA-device

Hi, Today we start using the Palo Alto device. Being one of its beneficial features, the Application Command Center provides a quick Birdseye view upon network visibility. Initially, we could drill down into (eg) Top Applications, in order to find out the top ip sources. After some 6 hours, this fine grained information seems not to be availa...

wimjuste by L1 Bithead
  • 9883 Views
  • 10 replies
  • 0 Likes

Graphical traffic monitoring...

Hi,We have a PA500 box running 4.1.11 software.Formerly we used pfsense enjoying RRD graphing of traffic amount on the different interfaces. We display network information on a big monitor outside our office. Does anyone here use some thirdparty software to achieve this with PAN boxes? We don't need all the bells and whistles, and it should be...

Panorama Adaptive Objects

I have several PAN firewalls that I now manage individually and have recently purchased a Panorama appliance in the hopes of making it easier to manage common policies.We have two sites that will need identical rules but with different IP's referenced in the rules. I come from a background of using McAfee CommandCenter and in their terminology ...

cjr222 by Not applicable
  • 3076 Views
  • 3 replies
  • 0 Likes

Unblock Skydrive Uploading feature

Hello, how would I go about unblocking the ability for uploading to skydrive? Currently our clients can use all of the main features of skydrive while in the browser with the exception of uploading. I recently read an article in regards to skydrive-uploading. Does this feature need to be allowed?

to NAT pool or not

Hi all,We have a brand new 2050 that is going to be used to support a school district with about 5000 students.... so we expect, eventually, to have about 5000 to 6000 hosts going out to the internet. And we have access to a full class C public block.The question that I have is: should we set this PA2050 to use a NAT pool or would setting it as...

marsan by L0 Member
  • 6895 Views
  • 7 replies
  • 0 Likes

QoS in specifig configuration

HelloMy network looks:ISP (25Mbit symmetric) is connected to Juniper SSG-140 with two interfaces:- A- B Behind B there is PA200 and two serwers connected by switch to B interface of SSG.I have to use QoS on SSG. I put 25Mbit limit on untrust interface, and 10Mbit limit on A interface.On B I try to use policy base QoS.Question is how to set DSCP ...

_slv_ by L4 Transporter
  • 3789 Views
  • 4 replies
  • 0 Likes

Resolved! Drive sharing happens when connecting a windows machine via RDP using MSTC client. How to block that?

When connecting a windows machine via RDP using mstsc client, we have an option to share the local resources like printer, clipboard, etc. By this way we can able to share the local hard disk drives with the remote machine that we connect to. Upon connecting, our local drives are shown as the network drives on the remote computer. I noticed two ...

VinothV by Not applicable
  • 5311 Views
  • 3 replies
  • 0 Likes

Resolved! Apply zone protection - to which zone?

Hi,I am wondering where and how zone protection profiles are applied to. I figure if I attach a zone protection profile to a zone, all resources behind that zone are under protection. But let's take the following example:* one interface connected to internet (zone: untrust)* one interface connected to internal LAN (zone: trust)* several interfac...

Resolved! Can there be alone WF-500(Wildfire appliance) without FW?

Hello,I have questions about WF-500.Can there be alone WF-500 without FW?I read WF-500 Doc that WF-500 doesn't provide wildfire web portal for detail report.It sends result(malware or benign) to only FW wildfire log.How way does user check log without FW? Does WF-500 have connected UI interface?Thanks.

SSL traffic mis-identified as TOR

Hi,Seeing over the last few days traffic going from our users (various different users in different locations) to IP addresses in Google's range (74.125.0.0/16) being identified as TOR, and subsequently blocked - traffic is all dest port 443. This is preventing access to certain websites hosted on Google's platform - appspot.com for example.I a...

Delete user out of the user agent via API

Hi.I would like to delete a specific user out of the user agent cache via the XML API. Is it possible to do this when the ip user mapping was done by the agent itself (get the user via DC or exchange login). I enabled the user id XML API on the agent and send them this string:<uid-message><version>1.0</version><type>updat...

Report Management via the GUI...

I sent the following in to our VAR/SE for a product Enhancement. If you feel the same, I hope you can request this also. What are your thoughts on this request?The Reporting structure on the PA GUI is set up to MAKE lots of reports, and/or auto-generate to email or view on the device. (Not sure, but I believe the Panorama is similar, if not the ...

  • 24396 Posts
  • 123 Subscriptions
Top Solution Authors
Labels