General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover what is initiating a site-to-site VPN?

Hi folks.

I have a situation with site-to-site VPN's on my Palo Alto's which I could use some help diagnosing.

I have a number of remote teleworkers who have a company-provided Cisco 887 router, which is used to run a site-to-site, IPSEC VPN to link in

...

darren_g by L4 Transporter
  • 9554 Views
  • 3 replies
  • 0 Likes

Resolved! QoS

Hi.

Iam Raju.. Iam a beginner to palo alto networks...

I have a small issue working with QoS... Can someone please help me...

I have attached the configuration of my Device..

Please have a look at it... the issue is device is not showing the QoS Statisti

...

Resolved! What is the reason for packet capture?

Hello all,

We recently flattened our lab firewall and configured it as a tap firewall. It currently has only one security policy which is an allow all policy. The firewall currently has one zone and the only other non-standard default config is a hand

...

Blocking Postal-Receipt.exe

Hello.

We have been having challenges blocking the downloading of  Postal-Receipt.exe and Postal-Receipt.zip being pulled down from web-based email.  The emails convince the user to click on a link similar to http://goodguy.com/wp-content/plugins/akis

...

HITSSEC by L4 Transporter
  • 2218 Views
  • 2 replies
  • 0 Likes

Resolved! Why is Group Mapping Different in M-100?

Hi,

I'm about to deploy two PA-5060s in HA, and I am configuring everything from Panorama. When it comes to the Group Mapping on Panorama, the UI is different than it is on the firewalls.

On Panorama:

On the firewall:

Any input is appreciated.

Thanks,

Alex

Abs by L3 Networker
  • 3224 Views
  • 5 replies
  • 1 Likes

Resolved! TCP Flood ID: 8501

On our user TAP interface (a TAP that collects user trafic only), we see 1000's of TCP flood events from 0.0.0.0 to 0.0.0.0 ; port 0 to port 0; Zone user to Zone user. It is always Session ID of 0. I have tried to do packet captures, but I never seem

...

craymond by L4 Transporter
  • 12292 Views
  • 4 replies
  • 0 Likes

Multiple external IP's and Global protect (Not NAT)

Hi

I did a search on the forums for multiple IP's and found a lot of posts talking about how the Palo deals with multiple external IP's - i.e. if your ISP assigns you a /29 block and you need to NAT multiple application into your network. So basically

...

Quinton by L3 Networker
  • 8729 Views
  • 7 replies
  • 0 Likes

Resolved! Public IP not accessible from internal addresses.

Hey All;  When setting up GP and other external interfaces for access I found that any NAT inbound is not accessible when in the local network as well, only from outside. 

Can anyone explain if there is a NAT or GP gateway setting that will take inte

...

amansour by L4 Transporter
  • 2857 Views
  • 3 replies
  • 0 Likes

Resolved! Set VM-100 as gateway on host.

So I am wondering if there is any way to use the VMWare workstation (I know the VM-100 is for ESXi) as the gateway on your host and if anyone has had success with just monitoring EAST-WEST traffic from the VM-100 on ESXi?

amansour by L4 Transporter
  • 1651 Views
  • 1 replies
  • 0 Likes

Resolved! ZeroAccess.Gen

Our threat monitor shows a lot of ZeroAccess.Gen Command and Control traffic, type spyware.  The default threat action is to alert.  I want to either block or drop.  What is the best way to block traffic for a specific threat signature but to use def

...

oshcomp by Not applicable
  • 5406 Views
  • 4 replies
  • 0 Likes

Netflow

Can a PA500 support netflow version 5 - I know it does v9 - but my collector needs v5.  Thanks.

RCBTech by Not applicable
  • 2244 Views
  • 1 replies
  • 0 Likes

Resolved! How to find application in Palo Alto (by tcp/udp ports)

Dears,

I am working on a migration from Check Point to Palo Alto. We used that PA Migration Tool for CP rules into PA.

The main problem is all CP rules are based on services and we want to transform them into PA applications... BUT, the PA apps tool (a

...

Multi-factor Authentication

Does the PAN Netconnect client or browser initiated VPN connection support multi-factor authentication? I know that you support AD and Radius but can it be done at the same time. I only see a Password field in the logins and cannot see how one can ch

...

kime by L0 Member
  • 7558 Views
  • 15 replies
  • 0 Likes

Resolved! services (http,https)

Please excuse my ignorance, new to FW support and PAN.  What is the criteria for services, why is there only 2 http/https?

thx,

  • 24130 Posts
  • 102 Subscriptions
This widget could not be displayed.
Top Solution Authors
Top Liked Authors
Labels