General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Thank You for Filling Out the LIVEcommunity Experience Survey!

If you've visited LIVEcommunity anytime recently, you've probably seen a pop-up asking for your feedback. We've deployed this survey since April 2020 for new and returning visitors alike as a way to gather feedback from our users. 

 

In the past six

...

survey-livecommunity.png
jforsythe by Community Team Member
  • 14536 Views
  • 1 replies
  • 4 Likes

Resolved! Best method to block Instant Messaging

Working for a State Government agency, we are required to keep a record of any official electronic communication.  Using public Instant Messaging services creates a problem for us in that we don't have a mechanism for keeping copies of any transactio

...

merrydc by L1 Bithead
  • 1804 Views
  • 3 replies
  • 0 Likes

Lost Newbie - TAP Interface

We bought a PA-500 just to start kicking the tires. I was ready to see a Juniper style GUI but was quickly lost in the PA Interface. Here is what I am looking to do, maybe someone can give me a quick list of configuration steps.

All we want to do is t

...

jickfoo by Not applicable
  • 1265 Views
  • 2 replies
  • 0 Likes

VeriSign VIP Authentication Service

Does PAN OS 3.1.2 support VeriSign's VIP Authentication Service for the SSL VPN connection? We are looking at setting up two-factor authentication for our VPN clients.

http://www.verisign.com/authentication/two-factor-authentication/vip-authentication

...

mharding by L4 Transporter
  • 1396 Views
  • 2 replies
  • 0 Likes

Communication Problem between Lan and DMZ

Hi,

We have PAN 500 device with us..deployed in L3 mode.Lan and DMZ communication is happening only if i have NAT rule in place with the destination zone and interface mentioned (but no natting be done)between them.Do we really require a NAT rule in

...

Missing data in TRAFFIC logs

Hi

PANOS ver: 3.0.5

Device: PA-2020

Exported traffic logs contains information about which protocol is used, however if the protocol is ICMP the type and code is not displayed. I a specific case im looking at right now both application and protocol is i

...

u2521 by Not applicable
  • 1087 Views
  • 1 replies
  • 0 Likes

Missing fields in URL log

Hi

PANOS ver: 3.0.5

Device: PA-2020

Did some exports of the sublogtype: URL and got the following columns/fields:

Domain,Receive Time,Serial #,Type,Threat/Content Type,Config Version,Generate Time,Source address,Destination address,NAT Source IP,NAT Dest

...

u2521 by Not applicable
  • 1264 Views
  • 1 replies
  • 0 Likes

Resolved! .com and .net sometimes blocked as spam?

Running 3.1.2 and have quite a few instances in our PAN log where for some reason a URL (not noticed a pattern other than the URL preceding the problem URL is typically really damned long and some sort of query/search) is blocked and all that shows o

...

Resolved! SSL Decryption Fails: sec_error_reused_issuer_and_serial

In the newest PA-OS 3.1.2 seems to be a problem with the Proxy-Certificate.

If browsing with Firefox, you get "Errocode: sec_error_reused_issuer_and_serial" on all HTTPS-Sites, if you have implented the proxy certificate in the certificat store (and i

...

mhuels by L3 Networker
  • 2625 Views
  • 6 replies
  • 0 Likes

Access into the panorama database

Hi All,

What access is there, if any, into the database within panorama, for a prospect that is using an automated response/ticketing system?

We would want to be able to periodically query the database, for example to extract out infected workstations,

...

KatanaNZ by L3 Networker
  • 1439 Views
  • 2 replies
  • 0 Likes

DNS Zone Tranfers not working through PA

Hello,

I have a PA in front of a DNS server and since the date we installed the PA, the DNS zone Transfers to the remote site is not working.

The remote DNS admin stated that there are timeouts and that the firewall should allow fragmented packets to p

...

vinesh by L2 Linker
  • 1261 Views
  • 1 replies
  • 0 Likes

Custom Reports - Incorrect Dates

Hello,

We are currently running 3.1.1 Panorama code.  Are there any known issues with creating custom reports and the output shows dates in the future? For instance if we create a report and choose a custom date selection (last 2 weeks for example). 

...

CRHC by L4 Transporter
  • 1620 Views
  • 4 replies
  • 0 Likes

RADIUS (not Active Directory) and Allow List

Hi, I'm configuring a RADIUS different than Active Directory, I use Radius users for SSL-VPN and GUI and all works fine but always I've to add manually the Radius user to Allow List in Authentication Profile, is there any way to avoid this. If I've t

...

internet load balancing

Hi,

Our customer has existing Sonic wall TZ210 , they confiugred Load balaning between internet links. 90% of traffics are going through the primary link & 10% ie, defined traffic from few computers are going through the secondary link.

Now we want to

...

Block msn-file-transfer security rule in VWire mode

Hi All,

I configured my PA2020 to block msn-file-transfer from any any but it doesn't work. I checked Monitor traffic log already show "Deny" on msn-file-transfer. However, it is successful to transfer a file in msn in my test lab. Below is my rule se

...

Top Liked Authors