This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Best Practises from a Performance perspective.

Hello Everyone,Could someone shed some light on configuration best practises that can optimise performance from GUI , Security rule processing etc ?For example , I was told that using a App Group with a large number of Apps to whitelist might have an adverse performance impact , instead it is better to use App filters as much as possible. And wh...

Resolved! URL Filtering in Panorama

Hi All,why URL Filtering version in Panorama always shows as "0"?Where is URL Filtering database stored? I found that unlike normal PA box, there is NO URL Filtering schedule can be set in Panorama -> Dynamic update, are they related?

TerryYau by L0 Member
  • 2570 Views
  • 1 replies
  • 0 Likes

Resolved! Are PA-devices affected by the packets of death?

For more information see Not Just AstLinux Stuff: Packets of Death and http://www.kriskinc.com/intel-podhttp://sourceforge.net/p/e1000/bugs/119/?page=3 might be related aswell.In short, a magic combo in packets will make the nic go completely offline. Only a powercycle (reboot will not help) will bring it back online (nice DoS capability). Seems...

mikand by L6 Presenter
  • 3857 Views
  • 5 replies
  • 1 Likes

What possible reason cause MP CPU higher after integrate with Panorama

Hello,As this article's title, I setup a Panorama to collect the logs from a PA-2050.But, when I complete the integration between Panorama and PA-2050, the CPU percentage of Management Plane become higher.Before the integration, the MP CPU is lower then 15%. One month later, the average keeps about 59%, sometimes higher then 60%.But I check the...

File "Block" page showing when file "Block and Continue" set

I have an issue where I have set a 'Continue' action in a file download profile, but the file Block page is being shown instead.There is a article on here saying to reset the relevant Response Page setting, but that does not work as the page being shown is still the Block page (and when exporting the HTML from the Response Page tab it shows that...

apackard by L4 Transporter
  • 5306 Views
  • 5 replies
  • 0 Likes

Block-ip action for blocking brute force ssh doesn't seem to be working

We've been noticing that we are getting quite a bit of brute force ssh attempts on our system, so we decided tonight to put in a rule that blocks those attempts. I took one of our existing policies that just logs everything, and added an exception that would block ssh brute forcing. Originally the action we set was block-ip, and we set it to blo...

Landon by L1 Bithead
  • 8179 Views
  • 8 replies
  • 0 Likes

PA200 with DSL (Dynamic DHCP Client) causing slow web browsing and "incomplete" application in traffic monitor

Ever since I put my PA200 inline at my house, my internet has been running really slow.In troubleshooting, I learned about the "More Runtime Stats" link in the virtual router. I needed this info to determine what traffic should be considered "interesting" and routed through the SSL VPN to create split tunneling for remote access.Because s lot o...

cindyb by Not applicable
  • 3912 Views
  • 1 replies
  • 2 Likes

Resolved! there is a way to log with alert when using a cat in TAB "Url Category"?

Hi,All my URL profil is config with ALERT instead of allow. So i log any URL block or accept.But the problem is im not able to ALERT if i unblock or block a category under policies TAB name "URL Category".I have no choice, my rules are set in this way. I have a default URL profil that give access to most of the category.But i have some sepcifi...

Resolved! How do I block all URL traffic but a select few?

This question has been asked in a couple of different ways without a definitive answer that I can find.My challenge is that we have an external engagement space where designers (internal and external) collaborate on projects. Users thin client into the environment and do their work with data and information going into the secure environment wher...

dmcgee by L0 Member
  • 18102 Views
  • 5 replies
  • 1 Likes

Resolved! Display 'Last logged in' info on user's logon screen

Hi,Is it possible to display the timestamp of the last login on the logon screen (both in captive portal and at the globalconnect remote client)?I think this is a nice assurance for the user to actually check that noone has used his account since his own last login.It is probably technically challinging, but I want to discuss the possibility and...

HA Primary

Why is it when I have a HA pair with an identical link failure on both devices (same monitors configured), the device with the higher 'device priority' value (least preferred) becomes the Primary device?When a pair of devices has the same failure the device with the lowest priority (most preferred) should be the primary.It seems to end up on the...

Palo Alto start up queries

Hi everyone,Just have some queries on Palo Alto firewalls posting some questions. Help on these is much appreciated. what does the following command do > show neighbour all Does this function like Cisco discovery protocol to identify the peer CISCO devices or for OSPF neighbour or some other purpose?2. how to see interface physical and adm...

srikanth by Not applicable
  • 3795 Views
  • 1 replies
  • 0 Likes

Resolved! Syslog - What IP is Sourced in Syslog?

PA500 and syslog? What IP (or interface) is sourced from the PA to a syslog server? Is it a management interface? If you have multiple assigned management interfaces, which one?Thanks.

dudesdad by Not applicable
  • 6346 Views
  • 4 replies
  • 0 Likes
  • 24380 Posts
  • 123 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks