General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Global Protect - how to do it?

Hello

I havent licence for GP but I have a problem to solve ...

I have 3 types (groups) of clients:

(1) must have internet access with av/antyspyware/etc profiles.

(2) must have internet access like (1) plus RDP to some host in local zones. Every client

...

_slv_ by L4 Transporter
  • 2373 Views
  • 3 replies
  • 0 Likes

Hit-Statistics per Security/NAT Policy

Hi,

I would really like to see how often a security policy is hit. We came from Sonicwall to Palo alto, and this is one of the things i miss the most.

Maybe there's a CLI command for it ? I didn't find it so far.

Hope you can help me out.

Kind regards,

Re

...

APT Attacks

APT attack is one of the things the security industry is focusing on these days, and something that we should be aware of as well. In case a RAT (Remote Access Tool) gets installed on the user’s PC, an attacker can access and download all files withi

...

Resolved! Testing IPv6 using test-ipv6.com

I'm unable to successfully complete test-ipv6.com (10 out of 10) without doing either 'Any' application or adding unknown-tcp as an application.

When I do just web-browsing, I get denies on 'unknown-tcp'.

Is there something different I can do without a

...

gfowler by L2 Linker
  • 8974 Views
  • 17 replies
  • 0 Likes

Isolate and NAT a segment for BYOD

I've tried setting up a subnet on our local network for wireless BYOD purposes and our aim is to have phones/pads connect only on this subnet (10.84.0.0/16). An ACL on our layer 3 core switch prevents this subnet from communicating with other 10.x.x.

...

sspivey by L1 Bithead
  • 2177 Views
  • 1 replies
  • 0 Likes

Resolved! ignore_user_list.txt/filter groups list

Question, when we were using the User Identification Agent Version 3.1.2 we could filter out accounts by editing the “ignore_user_list.txt” in the pan agents folder (typically c:\Program Files\Palo Alto Networks\PanAgent).  Now we have upgraded to th

...

Resolved! Another download is in progress

When attempting a download of a PAN OS software image, I get the error "Another download is in progress. Please try again later" in the download dialog.  How can I find out what download is in progress and potentially stop that so I can get the softw

...

Report like in CheckPoint - possible?

repo
Hi

Recently I was on Next Generation SECURITY Conference 2012 in Poland. I got sample report from CheckPoint 3D security. You can get it from http://downloads.checkpoint.com/dc/download.htm?ID=13521

Is it possible to get similar report from PAN (wi

...

_slv_ by L4 Transporter
  • 2681 Views
  • 3 replies
  • 0 Likes

Resolved! HA Down Time


Dear Support:

I want to know how long will the Standby PA become active ?

According to the HA best practice , Running @ PA2020 & 4.1.8

the HA statue  is normal , all things are match

and the link monitor had setup , interface monitor set to shutdown

I pin

...

j.guo by L1 Bithead
  • 4057 Views
  • 4 replies
  • 0 Likes

Resolved! Export Object Addresses list

I see there is a way to export policies, is there a similar way to export my objects/addresses?  I'm trying to do a little cleanup on my PA4020's and I'd like to send object lists to the people who requested their creation, to see if they are still v

...

bhelman by L2 Linker
  • 3280 Views
  • 3 replies
  • 0 Likes

Resolved! HA Lite Configuration A/P not working...

Hi All,

Trying to configure a pair of PA-200's as an active-passive cluster using "HA lite".  Right now both devices are showing active, so it seems the nodes do not see each other as cluster members.  I have defined one HA link on both firewalls, eth

...

Resolved! Deploying Dynamic Updates

We have a Panorama box, and I thought I would try to push apps and content version 192 out to our PA-2050s that are in an HA pair. We are running PAN OS 3.1.2 on the Panorama server and the PA-2050s. I downloaded the apps package, and began deploying

...

mharding by L4 Transporter
  • 7418 Views
  • 10 replies
  • 0 Likes

Resolved! HA issues since upgrade to 4.1.8

Hi.

I have two 2020's in a HA configuration.

On software 4.1.7, when I modified configurations etc, the synchronisation worked just fine - every change was automatically synched to the passive node on commit.

Now that I've upgraded to 4.1.8, more than h

...

darren_g by L4 Transporter
  • 2733 Views
  • 4 replies
  • 0 Likes
  • 24028 Posts
  • 102 Subscriptions
Top Liked Authors
Labels