General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! PANOS 5.0

PAN seems tho have quietly released PAOS 5.0 a few days ago. Some nice new features in the release notes, but nothing beats real world feedback.5.If you are already running it, what enhancements do you value most ? What issues do you experience ?

dieter_b by L4 Transporter
  • 7145 Views
  • 8 replies
  • 0 Likes

Resolved! configuration help-vwire subinterfaces with different policies per vlans

Hi all,Its my first post here so I hope someone can answer my question regarding vwire subinterfaces.As I was looking through the older topics the thing I want to achieve is similar to this.https://live.paloaltonetworks.com/message/9679#9679however I want to use vwire subinterfaces instead of L2.According to course material it can be done.Basicl...

pkonitz by L2 Linker
  • 9006 Views
  • 4 replies
  • 1 Likes

Resolved! PA 5000 series grounding?

The PA 5000 series hardware reference guide does not show anything about the grounding lug that is present on the PA-5020 AC power firewalls. Is the grounding information the same as the PA-3000 series? 14 AWG, certified Lug crimpted, using a size #8-32 nut and star washer (supplied), torqued to 15 in.-lbs (not overtightened)?

ddaniels by Not applicable
  • 4615 Views
  • 4 replies
  • 0 Likes

Resolved! x-forwarded-for header parsing.

With the command "set system setting ctd x-forwarded-for yes" the x-forwarded-for header is parsed to populate the source.user field in the logs.However, which exact header is actually being parsed with this command?Is it "x-forwarded-for" ? ( according to the CLI guide)Or is it "x-fwd-for" ? (according to the KB article)or both ?Can it be chan...

Adding Threat Exceptions

Hi, I wonder if somebody can help me with a query?I am running a 2050 as my firewall (I am new to looking after Palo Altos!). I have colleagues building workstations at another site coming across a VPN to access resources at my site. The router and links are working fine. One particular application is not getting through and is being blocked...

phild by Not applicable
  • 6167 Views
  • 4 replies
  • 0 Likes

OID of the CPU and memory of PA-2050

Hi All,I have an OP manager (network monitoring tool). I want to integrate it with Palo Alto. Does anyone have the OID for the CPU and OID for the memory of PA-2050? Regards,Eugene

TSPI by L1 Bithead
  • 3095 Views
  • 3 replies
  • 0 Likes

Restrict VPN access to AD group

Hi,I want to give a VPN ipsec access to a group of users.In GlobalProtect Portal | Client Configuration, I set the AD group in Source User.My problem : all the users in the AD OU have access to the VPN despite they're not in the group.I must have missed something ...Someone already had this issue ?Thanx.

g_sipp by Not applicable
  • 15089 Views
  • 18 replies
  • 0 Likes

Resolved! block youtube highdef videos?

Anybody know if there is a HTTP header / URL or custom application signature which can be created to prevent users from playing back higdef youtube videos? e.g limiting them to only standard definition.Cheers,

CMG by L2 Linker
  • 3159 Views
  • 1 replies
  • 0 Likes

Blocking YouTube but still showing the video player

We do not want to allow access to YouTube, however if I just block streaming-media in the URL filter, any page that has embedded YouTube videos get a block message confusing users. They are thinking that the page is blocked not realizing it is YouTube. Is there an easy way to block the YouTube player from working on embedded videos? This woul...

nthen by L3 Networker
  • 2896 Views
  • 2 replies
  • 0 Likes

Captive Portal for more than one security zone

HiFew months ago I sucessfully configured CaptivePortal (in redirect mode) with SSL certyficate from StartSSL for one of my local network connected to PA200.Now I need to do the same for another local network, but on PAN I can only make one CP configuration, with one SSL cert.I have SSL cert for host cp1.mydomain.com. This dns entry pointing to ...

_slv_ by L4 Transporter
  • 8163 Views
  • 10 replies
  • 0 Likes

Resolved! Routing question - MPLS between two sites, with one of those connections being a failover ISP

Hello,I've got a scenario in which I'm not sure how to proceed.We have two sites, both sites just got new circuits.In Site A, we have two new circuits (ISP #1 and ISP #2). I've set up in my PA-500 Policy Based Forwarding to have ISP #1 as the primary internet connection, and if that drops, it will failover to ISP #2. We've tested this and it w...

uscit by Not applicable
  • 10569 Views
  • 9 replies
  • 0 Likes

Automatic switching between main and emergency link

Hi,We have two link between our PaloAlto (PA 2050) and a Fortinet. I'd like that when our main link get down, that data goes through the emergency link, i've found how to do it on the Fortinet but no way on the PaloAlto. All I can do is changing the weight for each address class between the two equipements.Does anyone got an idea?ThanksFrédéric...

DHCP, Captive Portal and strange behavior

HiIn every security zone where I have Captive Portal enabled PA working as a DHCP server for clients.Configuration of DHCP: (lease time is - 1day)On clinet ipconfig /all show:In system logs I have a lot of entries (this is from my test VM), other client also generates as my entries.The red arrows shows that I did ipconfig /release and ipconfig ...

_slv_ by L4 Transporter
  • 3919 Views
  • 3 replies
  • 0 Likes

Resolved! OSPF ERROR

Hello,I have configured ospf in ha with PA4060 in V4.1.11I can see my neighbor but my palo-alto with low priority stay DR and I can see the following error in log:PA-4060-1(active)> tail follow yes mp-log routed.log i/f idx 0 Hello packet dropped because source router ID matches local router ID.any Idea for my problemthx,ALex

alle by L3 Networker
  • 3580 Views
  • 1 replies
  • 0 Likes
  • 24401 Posts
  • 123 Subscriptions
Top Solution Authors
Labels