General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Threat Vector, a Unit 42 Podcast, is Now on LIVEcommunity!

We have some exciting community news to share: Threat Vector, a Unit 42 podcast, is now on LIVEcommunity!

 

Threat Vector is your compass in the world of cyberthreats. Listen to this biweekly podcast to learn about unique threat intelligence, cutting

...

jforsythe by Community Team Member
  • 283 Views
  • 0 replies
  • 0 Likes

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question. Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

JayGolf_0-1691518400714.jpeg
JayGolf by Community Team Member
  • 3610 Views
  • 2 replies
  • 14 Likes

PA 5050 HA Failover Premeption

I have configure Active/Passive HA between two PA 5050 Firewalls. One is at high(passive) Priority and another is low(Active). I have also configure Preemtion on Active Firewall, meaning if somehow Active PA fail ,the Passive become active ,but when

...

itsecll by L1 Bithead
  • 1804 Views
  • 2 replies
  • 0 Likes

blocking file-sharing subcategory

I would like to block everything in the file-sharing subcategory of the general-internet category. Currently we are allowing this subcategory.

I would like to see what the impact of a policy like this would be, so I setup a policy for this subcategory

...

KenKruger by Not applicable
  • 2346 Views
  • 3 replies
  • 0 Likes

request restart software

I had an issue where mgmt server and device srvr both where high in memory usage and commits where not taking place.

I issued the following commands

debug software restart device-server

debug software restart management-server

with no change except that

...

GlobalProtect OnDemand mode

Hello,

We use PAN OS 4.1.1 and GlobalProtect 1.1.0, free version of GlobalProtect.

We have configured GlobalProtect in OnDemand mode.

When the GlobalProtect software starts it connects to the PA and try's to logon with the stored credentials (Username /

...

Exploit:Win32/Pdfjsc.ABS will not recognized

The new PDF Exploit "Pdfjsc.ABS", which travels with a lot of Emails (for instance: "Here is the new Elster program" - Elster is the name of a german tax program), will not recognized by PAN-Firewall. Neither on Email nor on Webtraffic, so i can atta

...

mhuels by L3 Networker
  • 3026 Views
  • 4 replies
  • 0 Likes

Resolved! Monitor NAT Traffic?

Can anyone think of a method to monitor the NAT Translation?  The back story is this... We have remote access points that point to a public IP address and then get NAT over to the private address of the wireless controllers.  When we migrated to the

...

mcw015 by Not applicable
  • 16413 Views
  • 1 replies
  • 0 Likes

incomplete action

hello

we have our own web server which we host web sites from

I have setup my incoming nat rule follow

source zone = untrusted

des zone = umtrusted

des address = my internet port ip

service = service-http

des tran = my local web server ip

Security rule

sou

...

High Dataplan CPU PA2050-4.1.6

I have only 28,000 active session at this time, which isn't a lot, and my CPU is roughly between 70-80% constantly.  We are in our summer semester at school which doesn't have a lot of users on our network. I am nervous when people return in the fall

...

u10723 by Not applicable
  • 1857 Views
  • 1 replies
  • 0 Likes

Resolved! what's mean counter url_request_pkt_drop?

Hello guys.

I experienced increasing constantly counter "url_request_pkt_drop" when installed PAN to customer. PAN showed that counter means "the number of packets get dropped because of waiting for url category request"

So I think that means simply pa

...

ttongfly by L3 Networker
  • 4701 Views
  • 3 replies
  • 0 Likes

Resolved! Backup and restore Config

I have a PA-500 Firewall running software version 4.1 and have to make some rather drastic firewall changes due to changing ISP's and outside IP addressing.  I would like to backup and save my configuration, in case I mess something up.  How can I ta

...

kaysun by L1 Bithead
  • 3680 Views
  • 1 replies
  • 0 Likes

Skype & unknown traffic

Hello PAN,

It seems to me that in order to have skype working correctly - particually with multi-site PA's with Site2Site VPN tunnels in between - it is nessesarely to enable both unknown-tcp & unknown-udp.

At least - all our connection problems / deli

...

sitecore by Not applicable
  • 2153 Views
  • 2 replies
  • 0 Likes

Resolved! Known Malware passing through PA to Client

Hello PAN,

Today I had a client get infected with the "Windows Privacy Module" Fake AV, This wasn't cought by either PAN OS or Trend Micro while a MalwareBytes scan found it and removed it no problem. Is there something more I can do to increase the o

...

Bvance by L2 Linker
  • 2556 Views
  • 5 replies
  • 0 Likes
  • 24179 Posts
  • 100 Subscriptions
Top Liked Authors
Labels