This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Active/Active 5.0.2 management interface shutdown

We are running 5520's A/A. Today we experienced an issue with one of the boxes managment interface shutting down. We had to power cycle the box to get the mangement interface back up.Is this a known issue?We are running 5.0.2Thanks

Resolved! Manual FQDN Refresh

Hi AllI am using PA 5050 with PAN OS 5.0. PA is automatically refreshing FQDN evrery 30 min. I want to refresh the FQDN manually or reduce the refresh time less than 30 min. How can I do this . Please can anyone suggest me how to do it .Thanks

itsecll by L1 Bithead
  • 8308 Views
  • 3 replies
  • 0 Likes

Resolved! Wildfire Forward action

Hello, I was wondering if anyone knew exactly how the "forward" action for Wildfire worked. Does it forward the file to Wildfire and then disallow the user to access that file, or does it forward it and allow it to pass through for the user to access the file?Thanks!Jared

Application Dependencies for MSRPC

Does anyone else feel that the application dependencies for MSRPC are incorrect?PA currently lists MSRPC as dependent on MS-DS-SMB and NETBIOS-SS. However, those protocols are not actually necessary for MSRPC to work. They are distinct protocols with different purposes. To my mind, including those dependencies encourages administrators to includ...

Resolved! Questions on logs export

Hello,I am setting up Palo Alto Firewall and want to export logs in CSV format to a UNIX filer daily at a specified time of the day. I have these questions:How do I schedule log export job so that it exports logs of only that particular day (and not all log history)?What is the default size of the log buffer? If log buffer gets full before the s...

deshaw by Not applicable
  • 5669 Views
  • 5 replies
  • 0 Likes

Resolved! PA Device Interfaces Fail Open

Greetings,Will PA device interfaces fail open if the device has a power failure, similar to IDS/IPS sensors which have relay in the interfac?thx,Bill

Resolved! Issue with facebook pictures being blocked

Hey guys got one I am stuck on. We are not blocking facebook at the moment and it was working just fine until Friday afternoon. No config changes were made. No updates to the PA5050's we have. Facebook comes up still but certain pictures on it will not. Just the ones that are in the users albums seem to be having issues. Pictures in links still ...

JeffTQT by L2 Linker
  • 3346 Views
  • 1 replies
  • 0 Likes

Third Party VPN Clients

There is an option for 3rd party VPN clients in the interface and there used to be articles on Cisco Anyconnect as an option for 3.1. We have tested this without the use of these parameters, how do these adjust the communication to the firewall, is there any documentation on supported version for this component of the GlobalProtect configuratio...

amansour by L4 Transporter
  • 4618 Views
  • 3 replies
  • 0 Likes

Resolved! Reason for VSYS

Has anyone found a situation where VSYS is ever truly the best course of action when deploying the firewalls. I have been continually asked about this feature with very little cause to deploy the firewall in this way in most situations. Can anyone share examples where this could not be avoided or advantages it provides other than segmentation o...

amansour by L4 Transporter
  • 5363 Views
  • 6 replies
  • 0 Likes

Resolved! ThreatID and CVE

Hi Out there. For users of SIEM, some have Vulnerability scanners, anti-virus and other tools reporting CVE through syslog. In most cases the logs from PAN have threatID, other than the special Splunk integration does anyone know of a way to get the annotatations/descriptions into the log and/or publish the CVE against it, I do see it referenc...

amansour by L4 Transporter
  • 3349 Views
  • 1 replies
  • 0 Likes

How did your SSL Decryption deployment go?

We are in the process of making a case to deploy SSL Decryption. While I am sure this will happen, predeployment, I would like to hear any horror stories or even success stories on how your deployment went. Also any do's and dont's would be fantastic. Currently our environment is 4.1.7-h2 if that is a factor in your deployment stories, that much...

Application web-browsing blocked using ssl decryption

I've defined a simple rule for acces to a ssl-crypted website using application filtering.Also all ssl-crypted access to that site will be decrypted.The running Software ist PanOS 5.02.When I define a rule for access to that destination and leave the service in "application-default"The access wil be blocked an I get two entries in my LOG-File:1....

  • 24381 Posts
  • 123 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks