General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Have managed to break Google Play and Apple App store downloads

HiAt some point in the last month or so, I've managed to break downloads from both the Google Play store and Apple App store. But I don't know how. I have enabled decryption, but have disabled all my decryption rules and it is still broken - So I assume it's not that.I can't find any associated denied traffic in the traffic log, or in the URL f...

High CPU Usage in Panorama V5.0.4

Hi I am seeing the process pan_summary_gen clocking up 80-100% CPU at regular intervals for a few minutes at a time. Is this a known or should I report it?

djr by L4 Transporter
  • 5342 Views
  • 8 replies
  • 0 Likes

Windows Surface 8 RT and Ipsec support?

Do we have any support or articles on this subject or to make this work properly over ipsec and vpn? I know there are articles for Android and Apple but have not seen any information on Microsoft Surface RT platform support on this website.

Application Dependency PAN-OS 5.0.0 more

Hi~Since more PAN OS 5.0.0 has upgraded application dependencyand then I added one rule from securityI would like to allow to only gmail-baseand then Click commitI expected sucesse result,,but Popup window represented warning message;;what -_-;;I knew that PAN-OS support Application Dependency about http, ssl, somethig like thatI red PAN OS 5.0....

2050 only handles 1/4 of its advertised throughput

Has anyone here tried to benchmark there Palo Alto Firewalls? We are using Breaking Point(same company that Palo Alto uses)to test our Lab 2050's. We have come to the conclusion that the PA 2050 starts dropping packets at about 250Mbps(with about 5-600 new sessions per second). This is with Threat Prevention disabled. The 2050 is spec'd out t...

jambulo by L4 Transporter
  • 8584 Views
  • 11 replies
  • 0 Likes

Resolved! unknown-tcp / udp - please explain

Hi,I know that these two applications stand for unrecognized traffic. It worries me though that for some of the other applications to work, I have to add unknown-tcp/udp to the firewall rule. Example for this would be Bittorrent traffic. To allow Bittorrent, I also have to allow web-browsing and unknown-tcp and unknown-udp.Can someone please ela...

Resolved! SCP Config backup "No DSA host key"

Hello,After upgrading both firewalls and the panorama to version 5.0.4, I want to change the configuration backup in Panorama.I want to change it from FTP to SCP.I am using the tool WinSCP on an windows machine. In this tool i've created an account called "Panorama" with a password.At this account I also mapped an ssh host key.But a test at the ...

ppater by Not applicable
  • 4568 Views
  • 2 replies
  • 0 Likes

New Feature Request

I don't know if this would be classified as a new feature, but it would be nice if on the policies/security if there was a separation of the inbound rules and the outbound rules. Right now these rules are all thrown in the same view.

snormoyle by Not applicable
  • 5019 Views
  • 7 replies
  • 0 Likes

Resolved! Nat with loopback int ip

HI all,Could we do the nat with loopback ip?I facing a scenarios my customers wish to set their public ip at loopback ip. Internal ip will nat to the loopback ip and send to cloud with external interface.

afiq by L1 Bithead
  • 7183 Views
  • 1 replies
  • 0 Likes

Resolved! MIB for 5.0 PAN

HelloI'm trying to monitir traffic on my PA 200. I found tech doc There is stated that I need MIB file for my PAN. I'm using 5.0.3 and there isn't anyt 5.0 MIBs.Where I can find it?I found also but maybe someone can share their config file? it could save many time to me and others.RegardsSLawek

_slv_ by L4 Transporter
  • 3054 Views
  • 2 replies
  • 0 Likes

Captive Portal - users not supplying domain info

Our captive portal is configured to use RADIUS (Cisco Secure ACS) to authenticate our AD users. The Cisco ACS will authenticate a user even if they do not include their domain information in the userid string... 'userid' rather than 'domain\userid'. The problem with this is that a user who authenticates with only their userid ends up with a ip-...

Jeff_K by L2 Linker
  • 3974 Views
  • 3 replies
  • 0 Likes

Resolved! 5060s SFP ports

Hello,I have one 5060s and I would like to know what types of fibre can support. Unfortunately I couldn't find any info in the hardware doc. Can support LX or SX fibres?Many thnaks,Thomas

BOOMMAX by Not applicable
  • 3914 Views
  • 2 replies
  • 0 Likes

Resolved! GlobalProtect 3G issue on Windows 8 pro tablet

Hi,we installed GP 1.2.1 on a Windows 8 32 bit pro tablet (thinkpad 2). With WiFi it works perfectly but when we use 3G, we can't even open the Portal website in the Internet Explorer and the GP client can't connect. I thought it could be a problem with the certificate but then it would not work with WiFi?

sboelter by L1 Bithead
  • 5958 Views
  • 5 replies
  • 0 Likes
  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels