Enhanced Security Measures in Place:   To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.

General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 114 Views
  • 0 replies
  • 0 Likes

SSL-decryption slow

Hello,

So I have tested SSL decryption today, and I made it work. But for some reason some of the webpages that are being decrypted are extremely slow. Facebook and even support.paloaltonetworks.com are two of them.

I exported a CA certificate from our

...

User-ID issues with multiple domain controllers

Hi,

I have a few questions about how the user-id works that I have been unable to solve.

We are currently rolling out a lot of virtual systems to our customers in a MSSP environment and as you can imagine coming across some strange server setups.  This

...

bjackson by L2 Linker
  • 4141 Views
  • 1 replies
  • 0 Likes

default action = alert?

In browsing through the default actions for vulnerabilities, spyware and AV I see that the a lot of the actions for HIGH and CRITICAL severity events is just Alert.  I expected a lot more blocking, dropping, and resetting.   (half of High and >10% of

...

schaleg2 by L0 Member
  • 2203 Views
  • 1 replies
  • 0 Likes

Resolved! PA dropping packets on their return path

Hi

I have a simple L3 setup.

E1/1 connected to a router (default gateway to the internet). IP 192.168.119.2, untagged Zone VLAN1

E1/2.2 connected to a switch (VLAN 2 tagged). IP 10.2.2.1 (default gateway for the 10.2.2.0/24 network), Zone VLAN2

I have a

...

u13550 by L3 Networker
  • 8217 Views
  • 5 replies
  • 1 Likes

PAN filtering ssh public key auth?

Hi

I have a host which I can access without password with ssh by public key.

This works fine, but as soon as the traffic goes over a PAN (500), I get asked for the password.

Is the PA500 doing anything special here that I'm not aware of?

Thanks

u13550 by L3 Networker
  • 1979 Views
  • 2 replies
  • 0 Likes

disable SSL renegotiation

Is there a way to disable SSL renegotiation at firewall level ?

Disabling it server side ( Microsoft Security Advisory: Vulnerability in TLS/SSL could allow spoofing ) breaks activeSync. I'd like to test a different scenario to get rid of the many fal

...

dieter_b by L4 Transporter
  • 3228 Views
  • 1 replies
  • 0 Likes

Default rule - tcp reset/icmp host unreachable

Hello All,

Maybe it's there, in a doc, but I cannot find it...

Suppose I have tiered architecture.

And suppose developer breaks his code and want's to connect to other security zone or to the outside world buth should not, and I want his application to

...

Accessing brightcloud.com returns block page

We are sometimes getting a block page when accessing brightcloud.com to report a site. The category returned is 'malware-sites'. The logs show that 'service.brightcloud.com' is correct, but 'brightcloud.com/support/lookup.php' and 'brightcloud.com/su

...

cloughr by L2 Linker
  • 3105 Views
  • 3 replies
  • 0 Likes

Resolved! How to see historic load (CPU load) stats on 4020?

Let me start by giving the traditional, ive rtfm, this forum wont let me search it and ive tried hard to find it myself.

I need one simple thing. How much load is on my FW and whats the load been historically? Where the heck can I find this? All I can

...

choff123 by L3 Networker
  • 6021 Views
  • 2 replies
  • 0 Likes

Traffic shaping and QOS clarification

Hello

I try to do some traffic shapping for a server to control the traffic used by this server over internet, generally this was easy done over our old netscreen/juniper FWs

when i tried to figure it out over our PA 2020, i passed throught a not that

...

daba1974 by Not applicable
  • 3941 Views
  • 2 replies
  • 0 Likes

URL filtering block page

I would like to customize our block page to show the ip address of the user.

How do we add this on the html code of the blockpage?

I have the entry <p><b>IP:</b> <user/> </p> in my block page, but it shows the username instead of ip address.

Any thought

...

Resolved! Block FTP Brute Force Attemps - Threat ID 40001


Hello,

I want to block Block FTP Brute Force Attemps.

The default rule in the PA alert only in theThreat log.

I added a new Vulnerabolity Protection Rule:

Action: Block

Host type: Any (also tried Server)

Category: brute-force

Severity: Any

CVE: Any

Vendor ID:

...

  • 23588 Posts
  • 107 Subscriptions
Top Liked Authors
Labels