General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

WildFire Logs versus Blocking.

For WildFire logs in 5.0.2 there is some confusion about the subscription. The question most ask is whether the lack of a wildfire subscription will still allow the logs in the WildFIre section to accurately alert if a file is potentially malware. And in a general sense what the WildFire subscription gives you.

amansour by L4 Transporter
  • 3418 Views
  • 3 replies
  • 0 Likes

facebook games block

When I searched I can see there is a custom app for farmwille facebook app. But when customers want to block all facebook games ? How can we do this ? is there any signature for that ?Or any update that PaloAlto works on facebook apps ?Thanks.

Resolved! XBOX Live

We are a small university with a PA 2050. Since we installed the box, our XBOX live gamers have complained that they can't connect to XBOX live, or that if they ever DO connect, it takes a long time. The message they receive, in particular, is that their NAT setting was set to "strict".I've allowed xbox traffic in the PA, I've even gone and spec...

Active-Active HA and 10G

Most users with a PA5000 in Active-Active HA are running these mutli-datacenter. Can someone explain how traffic over HA links would synchronize sessions if the connections are at 10G. We basically notice downtime when the appliances go down for perceivably all sessions. Does anyone know what sessions are synchronized, is there a way to prior...

amansour by L4 Transporter
  • 2221 Views
  • 1 replies
  • 0 Likes

Layer 2 Bridge and ARP Table.

Hi All; Quick post to help anyone looking for the answer to this. If you are randomly seeing slowness every few days from the network and eventually have to reboot your perimeter router or the firewall, it may be that your ARP table is full. When setting up layer 2 on the firewall in some cases a VLAN can be bridged across two physical interfa...

amansour by L4 Transporter
  • 3036 Views
  • 1 replies
  • 0 Likes

Resolved! Unable to Export CSR from Panorama?

Hi,I just generated two CSRs on Panorama, and I am unable to export them. When I try, I get an errors.txt file that says "Failed to prepare CSR <CertName> for export". I've worked around this by committing the configuration to the devices, and then exporting directly from the firewalls. I'm just wondering why I am unable to do so directly ...

Abs by L3 Networker
  • 2940 Views
  • 2 replies
  • 0 Likes

Resolved! Tracking application change in a session

Does anyone know if it's somehow possible to track application changes in a session?Let's say an application in a session first is identified as web-browsing, then facebook, and finally facebook-chat. Maybe not a realistic example, but you get the point Is there any way I can see that in the traffic logs, or through any other cli commands?

torm by L4 Transporter
  • 4684 Views
  • 3 replies
  • 0 Likes

Resolved! PA-2020 Software Upgrade

Does anyone have experience when upgrading from version 4.1.6 to version 5.0.0? I am wondering (outside of the release notes) if anyone has seen bugs.Thanks

c0d3w12 by Not applicable
  • 3855 Views
  • 3 replies
  • 0 Likes

Resolved! Palo Alto Support Contracts

I recently purchased a firewall with a 1 year support contract. I received it three months ago and haven't had time to deal with it. When is the official start date of my support contract? Do I have a certain amount of time to register the box before it's invalid? I know if I register and activate the box the support contract starts immediately ...

das by Not applicable
  • 3688 Views
  • 2 replies
  • 0 Likes

Resolved! active / passive setup(connected switch/router arp cache timeout)

I was starting to setup an active/passive system and once the HA was enabled, I lost connection to and from the internet. I found it was an ARP cache on my router. Now if my PA's failover the outside IP will startup and issue a new MAC for that IP and re-arp on router? I was looking at my arp cache timeouts, I though I might have to tweek thi...

PAlmart by L1 Bithead
  • 3560 Views
  • 1 replies
  • 0 Likes

Resolved! User ID Agent Ignore

I have user id agent 4.1.6-5 on PAN OS 5.0.1.Is it possible to tell the agent to ignore certain IP addresses, I know how to do with the users by using the ignore list text file.

Clearing snmpd.log due to log overflow

I recently upgraded to PAN 5.0.1. I am now receiving the following alert - Clearing snmpd.log due to log overflow. I have been trying to get more information on this alert but have been unsuccessful. I am concerned with what the log overflow is referring to. Do I need to tweak my default configuration for log retention in the 5.X code. Is th...

Resolved! MAC address spoofing

Does someone know if it is possible to spoof/change the mac-addresses from a VM PAN 100? Our ESXI Vendor won't enable Promiscuous Mode, so we don't have data through our Ethernet ports. I guess maybe, when I can spoof the MAC address, it might be working.

VSA by L0 Member
  • 3100 Views
  • 1 replies
  • 0 Likes
  • 24397 Posts
  • 123 Subscriptions
Top Solution Authors
Labels