General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! PanOS 5.0 User-ID Redistribution

So a new feature within 5.0 is to allow a PA to act as a user-id redistribution point for other PA's. Has anyone gotten this to work? I tried testing this out, but I am not seeing how to configure. I setup our core PA's to act as a redistribution point using a collector name and shared key.I then tried configuring one of my remote PA's to connec...

Resolved! Settings for getting Hyper-V working in PAN

setupHello,I have been struggling with this all day, and I think I have it narrowed down, but can't seem to nail it down yet.I have a test Hyper-V 2012 server in the data center, and all my services are working properly, except being able to connect to the VM's via Virtual Machine Connection. It uses TCP Port 2179 and is basically RDP, just runn...

Resolved! Receive time of logs ("Traffic Log") in a custom report

Hello all,I've created a custom report for gettings logs (from Database "Traffic Log") and I need the exact receive time for the entries.Unfortunately, there is no such column to choose from. The only column that contains time information is "quarter hour" - but this is not precise enough. If you take a look at the traffic logs directly (no cust...

Resolved! L3 setup for DMZ link

I currently have the following setup. Two PA's in active-passive with an L3 interface configured with zone DMZ-Web connected into a single switch. That same switch is connected to a VM host that is also in an active-passive configuration. The problem here is that the switch is a single point of failure. If we put in a second switch, can I ag...

iguarino by L0 Member
  • 3388 Views
  • 3 replies
  • 0 Likes

Resolved! ISP Support

Hi,Just want to know how many ISP does Palo Alto supports?Thanks in advance.Rex

ANY policy not matching host traffic

Hi,I am troubleshooting SMTP access issue and for the same I have configured ANY allow policy for the host (src). I however dont see the SMTP matched in the policy. The ANY policy is device specific and is configured at top. All policies after that are pushed via Panorama. We have a default catch-all policy at the bottom and the SMTP traffic mat...

Monitoring PA-2050 (CPU, memory, Traffic volume, State)

Hi,I have two firewall PA (active/passive cluster) and i would like to monitoring several parameters like:- CPU- Memory- Traffic volume of all physical interfaces and subinterfaces- State of the FWS, etc.Which is the best way to monitoring a FW Palo Alto???? What way are u using to monitoring??? Palo alto can be configured to send you an email w...

Block gmail web messenget

Hello to all, I am trying to block gmail web messenger in a VW setup, I already configured SSL decryption so I am able to block facebook chat and posting even in https, but I am unable to block gmail web chat, I already checked this article: But still doesn´t work, any help will be appreciated

asaldana by Not applicable
  • 4572 Views
  • 4 replies
  • 0 Likes

Resolved! Where can i find a reference for gui log search syntax?

Im having trouble finding a reference for gui log search syntax. I know i can run a custom report but that not too intuative and id rather just have a reference of all the options available.for example, can I use IP ranges?eg: 192.168.1.0/24-192.168.55.0/24 ?thanks

choff123 by L3 Networker
  • 2885 Views
  • 2 replies
  • 0 Likes

Resolved! URL inspection on non-web browsing applications

One of my customers asked me a question about URL inspection on non-web browsing applications. The question was, if he has a Security Policy that allows multiple applications (web and non-web) and he also has a URL Profile attached to that policy, will the firewall inspection all traffic that is allowed through that policy even though some of it...

jwolach by L4 Transporter
  • 2310 Views
  • 1 replies
  • 0 Likes

Question Regarding Traffic Log DB Quota

On of our customer, BRI, they found a system alarm which said "traffic log database exceed alarm threshold". Here's the screenshot: Here's the log quota settings on their box: Here's their real disk usage: The question is, what will happen if the traffic log db exceed its threshold? I know from PAN support that if the traffic db exceed tha ...

anzhari_p by Not applicable
  • 7513 Views
  • 6 replies
  • 0 Likes

Resolved! Global Protect Client 1.2.0

We are using a self-signed certificate on our PAN. The Global Protect clients before the latest version were fine with it. Now I am getting invalid certificate errors connecting with the latest client. What has changed with this new client?Thanks

Kindle e-reader with Captive Portal

Hi AllI was wondering if anyone has managed to get a Kindle e-reader (E Ink not Kindle Fire) to work with a PA Captive Portal.We have had a couple of users who have been able to connect to the WiFi however the logon page will never show on the browser.ThanksTom

DHCP not working for Apple mac (AirPort)?

I have an issue where some Mac-clients gets "private address" when they try to reconnect to wifi and PA-2020 is DHCP server. A "show dhcp server lease all" shows "offered" for the client, but the client is not receiving the lease.I'm running 4.1.10Any ideas?

  • 24395 Posts
  • 123 Subscriptions
Top Solution Authors
Labels