General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Where is PAN User Identification Agent data stored?

Hello,We currently utilize the User Identification Agent to send usernames to the PA's. However, recently, the app has been locking up. It continues to run and send information messages in the log but it does not collect usernames. I cannot monitor the service because it is still running, just not communicating. I'd like to write a script to...

Does PA have any documentation for their IPS/IDS system?

Just went throught the PA administrator 4.1 guide and there isent much regarding how to use the IPS/IDS system. I have a spare PA-200 at the shop and wanted to learn more on how to use the IPS/IDS system and Wildfire. Can someone direct me to the right direction?RW

How to track current number of SSL VPN users?

I am looking for a way to report on the number of current SSL VPN users. I would prefer a solution that let's me track this via snmp. I have looked in the MIB for 4.1 and I do not see this anywhere listed in the MIB, I am hoping that someone can point it out to me.Bonus points, does anyone know if there is a way to have the VPN portal change t...

kdebreuil by Not applicable
  • 9821 Views
  • 1 replies
  • 0 Likes

AppID Cache and recent Security Bulletin: App-ID Cache Pollution

Hello Everyone, I was having a closer look at the APP ID cache pollution issue that was addressed in the above mentioned bulletin.It states that , "The App-ID cache is a mechanism for caching the App-ID associated with a destination IP/port pair. When enoughconsecutive connections are established to the same destination IP/port with the same App...

Resolved! Overriding Panorama Template settings

I am reading in the Admin guide on the specifics of the Panorama and creation of templates.To override device and network setting applied by a template, you simply change to the device context, or access the device directly, navigate to the desired setting and then click theOverride button. The setting will be copied to the local configuration o...

scantwell by L4 Transporter
  • 3765 Views
  • 1 replies
  • 0 Likes

Resolved! SNMP QoS

Wondering if it’s possible to get QoS (per queue) throughput stats via SNMP?

Captive Portal and speed limit for users

HelloNow I have 3 Mikrotics routers with WiFi and HotSpot service connected to dedicated VLAN on PA200. On the HotShot I have profile that limiting download/upload transfer to 500kb/s per user.Id like to change Mikrotic routers to AP mode and on PA200 make captive portal. But Im looking for solution how to make session limit to every logged pers...

_slv_ by L4 Transporter
  • 3974 Views
  • 3 replies
  • 0 Likes

Resolved! Panorama does not display saved configurations

Ok, I just getting started on Panorama, and I have 10 FWs in Panorama now.When I click on Managed Devices, then go to Backups, I see the history of my past committed FW configs listed by version number.I should ALSO be able to see the saved configurations (saved named configurations) on the various FWs.For some FWs, I do see a saved config (but...

scantwell by L4 Transporter
  • 3058 Views
  • 2 replies
  • 0 Likes

Rule to allow Client based email

I'm trying to figure out the best way to write a rule to allow mobile devices access to their personal email. Browser based email works fine since it's mostly on 443(or 80) which we allow out. But what about Client based email not on 80/443? For example...-Using the iOS Exchange client to retrieve gmail or yahoo mail, it uses Secure IMAP on TC...

jambulo by L4 Transporter
  • 4635 Views
  • 1 replies
  • 0 Likes

Getting around url redirects and safe search

Hello,I'm fighting a losing battle trying to get forced safe search working. I'm currently trying to put a dans guardian and squid filter on the outside of my PA to handle just searches to as many search engines as I can find redirects for. Has anyone else tried to do this or anything like it? There has got to be a better way to handle safe ...

mlaporte by L1 Bithead
  • 3477 Views
  • 3 replies
  • 0 Likes

Resolved! How to discard changes on a PAN?

Let's say I log into the management website of the PAN and make a couple changes to see the way it would look in the ruleset.If i want to discard those changes, are my only options to "revert to last saved configuration" to make sure that none of those changes go into effect?I've noticed that the PAN tends to keep the changes, even after logging...

PAN-OS 5.0.0 Upgrade failed

Upgraded a box from PAN-OS 4.1.10 to PAN-OS 5.0.0. During installation was prompted to reboot, chose reboot. The device did not come back online. Consoled into management port sees the following messages loop over and over:Welcome to PanOS Setting clock (utc): Wed Jan 23 15:12:59 EST 2013 [ OK ] Starting udev: [ OK ] Setting hostname 5000: [ OK ...

Resolved! Web Proxy behind PAN firewall and application recognition

I know this question has been asked in other posts but I figured I would give it another try. I would like the PAN to sit between my users and my web proxy *and* for the applications to be recognized instead of just reported as proxy traffic. Is there any setting to force the PANOS to do this?

dustintodd by Not applicable
  • 14914 Views
  • 16 replies
  • 0 Likes
  • 24402 Posts
  • 123 Subscriptions
Top Solution Authors
Labels