General Topics
cancel
Showing results for 
Search instead for 
Did you mean: 
General Topics

Discussions

Join Us for a Tech Deep Dive Miniseries!

 

Stop Zero-Day Threats in Zero Time with Nebula PAN-OS 10.2.

 

Join us live for an in-depth look at the latest advancements in cybersecurity, best practices, tips and tricks, demos and
more to protect your business and defend against threats in real

...

nebula-on-demand-tech-deep-dive-miniseries-live-community-banner-2600x600.jpg
jforsythe by Community Team Member
  • 415 Views
  • 3 replies
  • 1 Likes

Resolved! PAN release 4.0 and NAT feature

Hi all,

With this new release, is it possible to define destination NAT rules based on source region criteria ? for example : ASIA => NAT1, Europe => NAT 2 and so on....

Thanks a lot.

bdaussin by L0 Member
  • 1400 Views
  • 4 replies
  • 0 Likes

Panorama Security policy & Filtering

I may be being a bit thick (entirely possible). But, when I'm in the security policy on Panorama (pre rules) i want to be able to filter only the particular rules that are on a particular target vsys. Currently I have 2 virtual systems on a single PA

...

fmd by L3 Networker
  • 576 Views
  • 1 replies
  • 0 Likes

Auto-Lockout Panorama

Hi All; [SOLUTION PROVIDED]

I have a Panorama server I manage over VPN.  basically when two people login with the same account. The account gets locked. I didnt configure it this way it is somewhat unexpected.  Anyway, both users had chrome browsers a

...

amansour by L4 Transporter
  • 1007 Views
  • 1 replies
  • 0 Likes

LDAP - failed to create page control

Hi All,

Seen this in the ldapd.log file.

Has anyone come across this before ?

Mar 16 10:10:03 connected to ldap server ldap://172.17.23.132
Mar 16 10:10:03 ldap cfg LDAP Server connected to 172.17.23.132:389(index 0)
Mar 16 10:10:09 Warning: pan_ldap_s

...

Incomplete Packets after Service Applied

Hi There;

For some sessions like availability monitors and other systems that make connections over a port that has the "service http or service-https" applied in a policy, these will fail unless you allow any service to the host or create an applica

...

amansour by L4 Transporter
  • 1248 Views
  • 1 replies
  • 0 Likes

HSRP L2 Split Brain

Hi All;

Thought I'd post this for anyone who has the PA going through a cisco HSRP L2 at the perimeter.  Traffic is intermittent between the two firewalls if you leave the passvie device interface to "Auto" instead of "shutdown" in the passive state.

...

amansour by L4 Transporter
  • 1764 Views
  • 1 replies
  • 1 Likes

Can PA recognize user-id from AD using TAP-mode?

Hi All.

I tested that PA with AD using TAP-mode.

AD-agent, CLI at PA device could recognize users from Active-Directory. but Traffic logs, Threat logs, URL logs could not recognized user-id and session-browser showed user filed was unknown.

I think that

...

ttongfly by L3 Networker
  • 1880 Views
  • 3 replies
  • 0 Likes

SSL decryption and Carbonite

SSL decryption seems to interfere with Carbonite.  When the policy is enabled, the Carbonite client reports "waiting for connecton to carbonite pro backup server...".  I assume I could add a rule to not touch anything in category "online-personal-sto

...

Resolved! Create custom report for uploaded excel files

Hello,

I would like to create a custom report that will list all the uploaded excel files from our internal network.

From the 'Manage Custom Report' I am using the 'Data Filtering Log' Database to create the report but I cannot add a filtering expressi

...

Resolved! Device-level configuration and "pre-staging" in Panorama?

Is there a way to pre-stage device level configurations within Panorama?  I would like to build a virtual systems, virtual routers, security policy, etc. on a "dummy" object in Panorama, and then push these changes to a real firewall when I bring it

...

mgentile by L2 Linker
  • 907 Views
  • 1 replies
  • 0 Likes

Error trying to unlock an admin

Under Authentication Profiles on Panorama 3.1.8 I noticed one of my admins is apparently locked. When I try to unlock by clicking on the link I get the error:

vsys unexpected here locked-users unexpected here authentication unexpected here show unexpe

...

KGC by L3 Networker
  • 953 Views
  • 1 replies
  • 0 Likes

SNMP OID for monitoring temperature

Does anyone know what the OIDs are for monitoring temperatures and other environmental conditions in the different PAN devices?  The reference documents do not include this information.

HTTPS browsing

I made a quite shocking discovery about PA and how it inspects SSL encrypted traffic.

Please correct me if I'm wrong.

1. To allow simple HTTPS web browsing traffic it isn't enough to allow "web-browsing" application in the policy, you must to allow "

...

SimasK by Not applicable
  • 3412 Views
  • 9 replies
  • 0 Likes
Top Liked Authors