General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! URL Filter - Block one and log the rest

On a PAN with no BrightCloud license, you can still use the URL filtering "Block" and "Allow" lists. Right now I use that feature to have a "log-all" URL filtering policy where I have "*" in the block list and an action of "alert." But now I have one (or it could be a short list) of URLs that I want to really block, i.e. an action of "block." Ho...

cosx by L2 Linker
  • 4018 Views
  • 3 replies
  • 1 Likes

Exporting Security Policies

One of our PCI Compliances is to have a record of the firewall rules, and review them once every six months. My Director likes to have them in a Excel Spreadsheet. Since the beginning, we have went from 79 policies to just about 200 policies, and copy and pasting them into Excel is beginning to become cumbersome. Is there there something I am mi...

mharding by L4 Transporter
  • 4504 Views
  • 2 replies
  • 0 Likes

Resolved! OSPF A/P HA Config with Floating Static Routes

I am trying to understand the sample OSPF Active/Passive HA configuration outlined in Tech Note: How to Configure OSPF https://live.paloaltonetworks.com/docs/DOC-1939 . The problem I have is with the floating static routes defined on upstream and downstream routers intended to reduce failover times. Floating static routes are described in s...

oshcomp by Not applicable
  • 5848 Views
  • 1 replies
  • 0 Likes

Resolved! Traffic log filter result abnormal with non admin account on PanOS-4.1.7-h2

Hi All,We run PanOS 4.0.9 on PA-2050 previous, and traffic log filters results are normally. however after we upgrade PanOS to 4.1.7-h2, the traffic log filter results with non admin account are abnormally, but when we change back to admin account and do the same, it works normally.The non admin account was created by admin, and authenticated wi...

Dynamic block lists - possible xml config corruption

We recently upgraded to 5.0 and one of the first things I wanted to try out was the dynamic block lists. I set up 4 block lists (dshield, zeus tracker, palevo tracker, spyeye tracker) and tested to make sure the URLs were accessible. I rec'd the message that they were accessible/readable, so I set them to pull data daily at 7:00am, 7:01am, 7:0...

sconley by Not applicable
  • 3032 Views
  • 2 replies
  • 0 Likes

Hostname used for logon

I have a customer that is trying to use the hostname when browsing to the Palo to logon. They get to the logon page just fine, but after they enter their credentials and hit enter, the page goes to grey and just sits there. If the customer used the management IP address to logon, everything works just fine.Any suggestions as to what is causing t...

cdamore by L1 Bithead
  • 2733 Views
  • 2 replies
  • 0 Likes

Management is still terrible

We've been using this platform for over a year now and the interface is not great to say the least. It takes no less than 30 minutes to make the most basic change. Is anyone else feeling the pain? Our SE is useless. Please create a Java client to remove the burden from the appliance.

Resolved! Captive Portal Configuration

I have read over the document on how to configure the captive portal. Maybe I am missing it, or having a senior moment, but I am little puzzled.What I want to do is make sure when we have guests, vendors, salespeople etc, connect their device to our network that they have to authenticate before they can use the Internet. Where I am puzzled in th...

Resolved! Panorama error message "could not call showSessionVars.esp"

Hi All,We deployment panorama for centralized paloalto unit this month, however we got the error message twice when manage paloalto unit by panorama.The popout windows screen shows the message "Could not call showSessionVar.esp".Any one knows what the message means? why and what reasons will cause the message popout?

Resolved! Captive Portal & Active Directory Password Change

Hello, we are currenlty using captive portal for pupil laptops and mobile devices that are not joined to the domain to authenticate for internet access.Does anyone know if you can use or setup captive portal that is a users active driectoy account and been set to change that this can be done via captive portal with out them having to go to a sch...

daz1981dp by Not applicable
  • 6285 Views
  • 7 replies
  • 0 Likes
  • 24394 Posts
  • 123 Subscriptions
Top Solution Authors
Labels