General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! FQDN Table in CLI

Hi,

does anybody knows what is the meaning of CLI output for > request system fqdn show, that states for fqdn object ...Not used

Some fqdn objects that i've configured, PAN has resolved, but for some there is output Not used. I'm sure that those fqdn's

...

agrgic by L1 Bithead
  • 4481 Views
  • 1 replies
  • 0 Likes

Resolved! Problem Access Routes with VPN

Hi everybody.

I've got a problem with my configuration of VPN for remote clients,If I configure only one access route (see picture1), I obtain the following routing table and everything works well:

As VPN client we are using vpnc from a Linux distribut

...

Resolved! Globalprotect and Linux

Hi everybody.

Is it possible to use the client GlobalProtect on a Linux operating system?
Is there a "workaround" or some free Linux VPN client that can be used for it?

Thank you very much.

Best way of restricting web access?

Hi there,

Have a "interesting" problem.

Scope

* Clients are not to be allowed access to the internet. Restrict and control with firewall.

Scope creep

*Clients need access to Google to do a search, click on any links in that search. They will search for p

...

Ante by Not applicable
  • 2482 Views
  • 4 replies
  • 0 Likes

Resolved! User-ID agent v.4.1.4.3

A question about using palo alto with the user-id agent v.4.1.4.3

I get complain from the administrators of Window env.  They see that the user-id agent doing many logs on all PC.  They are store in the Events>Security logs on each PC.

Since the instal

...

Configuring QoS settings multiple egress interfaces

We currently have our PA-5050 configured with two vWire ingress and two vWire egress interfaces (one trust and one untrust zone mapped to vWire-1 and one trust and one untrust zone mapped to vWire-2). In this configuration is it possible to configure

...

wfleitz by L0 Member
  • 2603 Views
  • 3 replies
  • 0 Likes

Resolved! NAT and GRE

Hello.

I have to do NAT for GRE protocol and as i've read here in knowledgebase that can only be done with static NAT without specifiying ports. However the customer also has other services on same public IP address, like SMTP and DNS.

Would this work?

...

santonic by L6 Presenter
  • 2914 Views
  • 4 replies
  • 0 Likes

Resolved! Detecting Flame exploit

It looks like the Snort folks have a signature for Flame, does PAN?  If not, when is it coming?  The CTOs will be asking if we are safe...

http://vrt-blog.snort.org/2012/05/flame-malware-targeted-attacks-and-you.html

Dropbox Signature Change?

Hello,

We have for some time now blocked the use of Dropbox (as an app) and only allow a few users access, based on a domain group.  Over last couple of weeks have noticed activity where non allowed users are able to access the application. In my init

...

CRHC by L4 Transporter
  • 3936 Views
  • 5 replies
  • 0 Likes

Subnet entry in Custom URL Category

If I were to enter multiple subnets (ex: 218.65.30.0/24) as entries in a Custom URL Category, will those entries been seen as the entire subnet or will they be seen as a URL (http://218.65.30.0/24)?  I ask this because I'm looking at creating an outb

...

sconley by Not applicable
  • 2456 Views
  • 1 replies
  • 0 Likes

Resolved! Graph Realtime bandwidth consumed by each application

Hello,

Is it possible to have a graph with the Realtime bandwidth consumed by each application in VWIRE mode ?

I saw these: http://www.paloaltonetworks.com/products/QoS.html

but for applications, there is only a chart...

Maybe is there a way to make it w

...

Inbound NAT - Please advise

Hi,

Consider the following:

All traffic (0.0.0.0/0) is NAT'd as 1.1.1.1 (public)

The exchange server has an inbound NAT of 1.1.1.2 (public) > 192.168.1.1 (private).

Now when the exchange server makes a connection to the outside world will it be seen as 1

...

Resolved! Maximum Rows In Policy Editor

I am currently working within Panorama and for one device group there are over 533 rules and editing them is terribly slow.  I found this document and one of the fixes mentioned was limiting the row count in the policy editor to only 100.  I would l

...

External IPs with two ISPs

Dear all,

We have a special setup on our external firewall interfaces. There are two different Internet lines from two different ISPs:

The yellow line (ISP b) indiaces the main Internet line. The green one is currently only used for outgoing e-mails us

...

oschuler by L4 Transporter
  • 2208 Views
  • 2 replies
  • 0 Likes
  • 23588 Posts
  • 103 Subscriptions
Top Solution Authors
Top Liked Authors
Labels