General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question. Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

JayGolf_0-1691518400714.jpeg
JayGolf by Community Team Member
  • 2935 Views
  • 2 replies
  • 14 Likes

Resolved! Help: SSL decrypt vs yahoo & google driver

Hi all!

I config PA to decrypt SSL traffic.

I test traffic Https on gmail, facebook, it ok

But my yahoo and google driver client can not connect to servers.

This is my config.

Pls help me

thanks

dat.tran by L2 Linker
  • 3397 Views
  • 1 replies
  • 0 Likes

Is PAN OS buggy?

If I only had my personal experience and the amount of chatter on the support forum, I'd say that the PAN OS is buggy.  Is there more comprehensive information available on bugs in the various releases, like Cisco's Bug Toolkit?  I'd like to make mor

...

msullivan by L3 Networker
  • 5890 Views
  • 11 replies
  • 0 Likes

Zone protection hardware limits

Hi,

Anybody tested what the maximum syn/pckts/sec is? for the hardware platforms?

Otherwise we should start with a high value that maybe has no protection and the box could still die.

Regards,

Kevin

How to see new session per second

Hello,

I wanted to fine tune a bit the default (Alert=10000,
Activate=10000 and Max=40000) values on our Zone protection profile in order to
limit the number of syn flood attack that seem to me very high, but for do it I
need to monitor during some time

...

BSadozai by L2 Linker
  • 1650 Views
  • 0 replies
  • 0 Likes

custom pattern for files containing "@"

Hi

we would like to filter all files (like CSV, XLS, TXT) which contains an "@". For example an CSV-file which contains more then 1 email-adresses.

Can someone help with the regular expression?

Thank you

User-ID-Agent Traffic

We have user-id-agents on ou core DC's and all our local DC's (across the WAN).  We receive reports with high SMB traffic polling from the core DC -> local DC.  Anyway to eliminate or reduce?

rrau by L3 Networker
  • 3119 Views
  • 6 replies
  • 0 Likes

Resolved! Update application v 339

Hello,

Since I have updated my active/passive cluster with latest Application and threat content (version 339, released yesterday), some ssl traffic is now recognized as "tor" application.

This traffic is only ssl, not tor.

Is someone else have this pro

...

Performance with Spirent

Hi All,

Test with PA 5020, with PAN OS 4.0.11 with tcp reject non syn disable

Traffic generate from 50k IP Source and 1 IP Destination

Can anyone give explain about why in small packet (64 bytes) test in Spirent, there is no result ?

Or someone already t

...

mgp by Not applicable
  • 1919 Views
  • 2 replies
  • 0 Likes

Resolved! SMTP Authentication for Reports, Alerts, etc.

Hello,

I'm trying to setup my PA-500 (running PAN-OS 5.0.0) to e-mail me reports and alerts.  But, there are no options for SMTP authentication, which our mail server requires us to use.  Am I missing the options somewhere, or is this feature not buil

...

ndblew by L0 Member
  • 3635 Views
  • 1 replies
  • 2 Likes

Resolved! unauthorized application goes to specific rule

Hello,

I have defined a rule that allow pings (using the "ping" application). However there are a lots of other applications that flows through this rule, even "web-browsing" !!!

How is this possible ?

Regards,

Laurent

ldormond by L3 Networker
  • 6752 Views
  • 10 replies
  • 0 Likes

Firefox Error ssl_error_rx_unexpected_new_session_ticket

Hi,

after PA-500 upgrade (from 4.1.7 to 4.1.9) I solved SSL problem with Chrome but now I have a problem with firefox opening SSL pages (when they was decrypted by the firewall).

For example opening https://www.google.com I receive this error:

"SSL ha r

...

diennea by L3 Networker
  • 3067 Views
  • 2 replies
  • 0 Likes

Virtual-Wire VLAN tag translation

I understand that VLAN tag translation is not available on virtual-wire interfaces, can someone tell me whether this is on any road map and likely to be included in a future release of PANOS? It's something that I require for a proposed PAN deploymen

...

debsPal0 by Not applicable
  • 1424 Views
  • 0 replies
  • 0 Likes

Resolved! LDAP authentication not matching user groups

Hi.

I've got LDAP authentication configured to allow users into a Global protect portal. I'm 100% sure it works OK, because I can authenticate against it.

Trouble is, I *can't* get it to authenticate against an Active Directory group. if I add individu

...

darren_g by L4 Transporter
  • 6897 Views
  • 11 replies
  • 0 Likes
  • 24030 Posts
  • 99 Subscriptions
Top Solution Authors
Top Liked Authors