General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

GlobalProtect OnDemand mode

Hello,

We use PAN OS 4.1.1 and GlobalProtect 1.1.0, free version of GlobalProtect.

We have configured GlobalProtect in OnDemand mode.

When the GlobalProtect software starts it connects to the PA and try's to logon with the stored credentials (Username /

...

Exploit:Win32/Pdfjsc.ABS will not recognized

The new PDF Exploit "Pdfjsc.ABS", which travels with a lot of Emails (for instance: "Here is the new Elster program" - Elster is the name of a german tax program), will not recognized by PAN-Firewall. Neither on Email nor on Webtraffic, so i can atta

...

mhuels by L3 Networker
  • 3202 Views
  • 4 replies
  • 0 Likes

Resolved! Monitor NAT Traffic?

Can anyone think of a method to monitor the NAT Translation?  The back story is this... We have remote access points that point to a public IP address and then get NAT over to the private address of the wireless controllers.  When we migrated to the

...

mcw015 by Not applicable
  • 17939 Views
  • 1 replies
  • 0 Likes

incomplete action

hello

we have our own web server which we host web sites from

I have setup my incoming nat rule follow

source zone = untrusted

des zone = umtrusted

des address = my internet port ip

service = service-http

des tran = my local web server ip

Security rule

sou

...

High Dataplan CPU PA2050-4.1.6

I have only 28,000 active session at this time, which isn't a lot, and my CPU is roughly between 70-80% constantly.  We are in our summer semester at school which doesn't have a lot of users on our network. I am nervous when people return in the fall

...

u10723 by Not applicable
  • 1896 Views
  • 1 replies
  • 0 Likes

Resolved! what's mean counter url_request_pkt_drop?

Hello guys.

I experienced increasing constantly counter "url_request_pkt_drop" when installed PAN to customer. PAN showed that counter means "the number of packets get dropped because of waiting for url category request"

So I think that means simply pa

...

ttongfly by L3 Networker
  • 4886 Views
  • 3 replies
  • 0 Likes

Resolved! Backup and restore Config

I have a PA-500 Firewall running software version 4.1 and have to make some rather drastic firewall changes due to changing ISP's and outside IP addressing.  I would like to backup and save my configuration, in case I mess something up.  How can I ta

...

kaysun by L1 Bithead
  • 3766 Views
  • 1 replies
  • 0 Likes

Skype & unknown traffic

Hello PAN,

It seems to me that in order to have skype working correctly - particually with multi-site PA's with Site2Site VPN tunnels in between - it is nessesarely to enable both unknown-tcp & unknown-udp.

At least - all our connection problems / deli

...

sitecore by Not applicable
  • 2234 Views
  • 2 replies
  • 0 Likes

Resolved! Known Malware passing through PA to Client

Hello PAN,

Today I had a client get infected with the "Windows Privacy Module" Fake AV, This wasn't cought by either PAN OS or Trend Micro while a MalwareBytes scan found it and removed it no problem. Is there something more I can do to increase the o

...

Bvance by L2 Linker
  • 2681 Views
  • 5 replies
  • 0 Likes

Getting Syslog in through PA 500

I have a router just outside my PAN 500, ver 4.0.5. I need to get syslog information in from it for my PCI requirements. Here is my setup:

The following objects are defined:

INT-NPM               Syslog server, IP address 172.15.10.8

TWC-RTR            

...

u7483 by Not applicable
  • 2499 Views
  • 3 replies
  • 0 Likes

URL logging in TAP mode

I have a business requirement to log URLs visited in an "out of line" manner for reporting and usage. There is no requirement to block URLs and it would be of great advantage not to use VirtualWire at this stage(still in pilot).

I understand it is not

...

loki by L1 Bithead
  • 1676 Views
  • 1 replies
  • 0 Likes

Multicast Support

Hi Guys,

Does PAN support IP multicasting to allow one IP packet to be sent simultaneously to multiple hosts for use in multimedia applications and video conferencing?

I did read somewhere that multicast forwarding / routing is now supported from versi

...

  • 24034 Posts
  • 102 Subscriptions
Top Liked Authors
Labels