General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! How to see historic load (CPU load) stats on 4020?

Let me start by giving the traditional, ive rtfm, this forum wont let me search it and ive tried hard to find it myself.

I need one simple thing. How much load is on my FW and whats the load been historically? Where the heck can I find this? All I can

...

choff123 by L3 Networker
  • 5361 Views
  • 2 replies
  • 0 Likes

Traffic shaping and QOS clarification

Hello

I try to do some traffic shapping for a server to control the traffic used by this server over internet, generally this was easy done over our old netscreen/juniper FWs

when i tried to figure it out over our PA 2020, i passed throught a not that

...

daba1974 by Not applicable
  • 3767 Views
  • 2 replies
  • 0 Likes

About undecided application.

Hello guys.

I have some question about APP-ID.

For session browser, PAN recognized application was UNDECIDED and traffic was passed and state was ACTIVE. so traffic was not dropped but why PAN could not recognized application properly and recognizing U

...

ttongfly by L3 Networker
  • 5979 Views
  • 3 replies
  • 0 Likes

URL filtering block page

I would like to customize our block page to show the ip address of the user.

How do we add this on the html code of the blockpage?

I have the entry <p><b>IP:</b> <user/> </p> in my block page, but it shows the username instead of ip address.

Any thought

...

Resolved! Block FTP Brute Force Attemps - Threat ID 40001


Hello,

I want to block Block FTP Brute Force Attemps.

The default rule in the PA alert only in theThreat log.

I added a new Vulnerabolity Protection Rule:

Action: Block

Host type: Any (also tried Server)

Category: brute-force

Severity: Any

CVE: Any

Vendor ID:

...

Resolved! AD Groups Not Showing Up

I'm using User-ID and Active Directory groups to identify traffic from specific people.  The User-ID part seems to be working because Source User shows up in the logs and I can configure firewall rules using individual user-IDs. 

However, I'm having

...

PSC_IT by L1 Bithead
  • 8428 Views
  • 4 replies
  • 0 Likes

Resolved! Multiple Block Pages?

Hello,

Is it possible to create/select/use a custom response/block pages for specific URL categories? For example: can I have one specific custom response page for "unknown" categories, and another block page for "malware" categories?

Thanks,

-Paul

apc050 by Not applicable
  • 5923 Views
  • 3 replies
  • 0 Likes

Resolved! Best practice for committing changes in active-passive HA?

When making policy changes in an active-passive HA pair, do you usually edit and commit the policy using the active device, or the passive?  I have always made my changes on the active device, but lately I've been thinking that because the management

...

abelgard by L1 Bithead
  • 6819 Views
  • 5 replies
  • 0 Likes

IPS \ Application Signature

Hi all

I need to write ips / application signature to recognize sender and recipient in SMTP

for example:

If smtp sender A send mail to recipent B - Allow.

If smtp sender A send mail to recipent C - Block

I will be happy if anyone know how to do it.

Alon

along by Not applicable
  • 1867 Views
  • 2 replies
  • 0 Likes

GP VPN dual factor auth, and contractor access.

I have two questions regarding the Global Protect Gateway / Portal (SAN the GP Licensing)

- I am wanting to setup two factor authentication for users to authenticate to Global Protect Gateway/Portal with a (common) client certificate installed on thei

...

cmateam by L3 Networker
  • 3339 Views
  • 1 replies
  • 0 Likes
  • 24034 Posts
  • 102 Subscriptions
Top Liked Authors
Labels