Did you know that you can help your fellow community members by accepting solutions when a reply answers your question Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature
...
I note that the PA-2050 units I have running 4.1.7 PanOS generate their syslogs as UDP/514. Is there any way to tell the unit to use TCP for syslog messages?
Our SIEM/syslog collector (AlienVault) seems to be missing some of the syslog messages we (
...
Hi All,
"Save the telnet" movement inspired me . I'd like to find out if any one is experiencing same limitations I do:
- " at least 7 bytes" limit in Custom Data Patterns.
- "regex" has very limited capabilities in Custom Data Patterns.
Would adding t
...
I have a network that I want to allow MS product activation to work but web browsing and other internet activity to be denied.
I have two main security policies that apply just to this network although DNS and ntp is also allowed:
The first one is an a
...
Hi guys,
It looks like our PA-2050 is not purging old log files from the database. When we log in to the Web UI we get alarms like this:
According to the documentation this error shouldn't occur. The PA box should automatically purge old log entries wh
...
Our users private devices are on a separate subnet/vlan and a separate PA zone using the Google DNS servers. I have been forcing a captive portal in order to enable user ID for these devices. This has been working fine.
I have set a rule so that the
...
In Panorama, is it possible to assign an admin role to a vsys? I don't see the option on the admin role tab in Panorama. I only see it on the device itself. Please see attached screen shots as a comparison between the Panorama view and the Device vie
...
Was working for a while the the interface decided to go down and I kept getting this warning every time I commit. I have checked both ends and it seems to me that the 10gig interface on the palo side is bad. Both are the same so I do not understand
...
Is there a way to do DNS Re-write or DNS Doctoring in the PAN similar to Cisco's ASA?
Hello
On my old Juniper SSG device I had flow control where I can sow real time traffic on interfaces.
How can I do it with PAN? - using only GUI/CLI - not thirty party software?
With regards
SLawek
Hi,
I need to know how many users access Category Social Network.
So i do a trafic report with SESSIONS and SOURCE USER. Top 500.
I have all i need, BUT i have more then 500 users. so i cannot know how many users access that category.
I have to calcula
...
Hi there,
I've seen a task called pan_task taking up 100% cpu on two of my PA200's. Is this a PA200 specific thing? Not seen this on any other hardware platform, looking into it further it does not look like it's actually using 100% CPU, wondering if
...
Hello,
I need to go through the logs to check why the active PAN 2020 rebooted itself. I only have access to the cli (I have to ssh via the now active FW).
Which logs should I check?? Under mp-log there is a whole bunch of logs I am not sure which one
...
Hi All,
Because of build a new storage, so we are going to plan migrate panorama nfs to the new, how should we do that can keeping old logs in old nfs migrate to news safely without logs lose?
Regards,
Joy
Is there a more recent Blue Coat WebFilter to BrightCloud URL Category mapping? I found the document from Jan2011 that lists the categories and the recommended mappings at that time. However in the last 2 years both vendors have added and removed c
...
I am new to Palo Alto firewalls and I am hoping this a quick easy question for somebody who is more familiar with them. I would to like to upgrade my PA500 to latest firmware. It looks like the latest release is 4.1.8 (I am using 4.0.8). I have downl
...
reaper
on:
Agentless User-Id integration
