General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

4.0.8 Object Name Change Not Updated In Policy

I used to be able to make changes to objects (address/groups/application groups) ect. But now when I made the change I have to go through my policies and NATs and update them manually. Any ideas? Is there an update object option that I'm not aware of

...

Error message for role based Administrator

Error message when role based admin user is trying to log into UI:

User does not have access to any device groups. Device groups are needed to access the 'Policies' and 'Objects' tab. Please ask your administrator to give you access to one.

---

The goal

...

bbsoc by L2 Linker
  • 2006 Views
  • 2 replies
  • 0 Likes

Reconnaissance Protection

hi : In regard to the settings for Port Scans and Host Sweeps:

What counts as an event toward reaching the threshold? Is it a SYN packet or are other types of packets counted?

Thanks

wlu by Not applicable
  • 2921 Views
  • 1 replies
  • 0 Likes

Anyone tried to connect GP from iphone/ipad with ClientCert?

I'm tring to connect GP from iPhone5 and iPad4.3.3 with Client Cert Auth.

I can't see the establishment of IPSec VPN, however, I could establish VPN from Windows with same client cert.

I want to see the working sample cofiguration.

Could anyone share th

...

emr_1 by L5 Sessionator
  • 2451 Views
  • 1 replies
  • 0 Likes

SSL-VPN on Mac can't route traffic after sleep

On many of our Mac clients that are using SSL-VPN, if they are connected to the VPN and they close their Mac's (putting it to sleep), when the mac's are awoken, they can't route any traffic. 

The only cure seems to be:

sudo route -n flush

Is there any

...

Lookout by Not applicable
  • 1938 Views
  • 1 replies
  • 0 Likes

Data filtering by name

Is there a way to block a specific file name, not just a file extension? Is it possible to accomplish this using a custom data pattern?

jgeyer by L0 Member
  • 1834 Views
  • 1 replies
  • 0 Likes

GRE issues with 4.1.0 ?

Good morning,

we run PanOs 4.1.0 on a couple of new sites, but we are not able to make GRE tunnel works. The sceario is IPsec Tunnel between 2 firewalls (PA-2020 to PA-5050), GRE tunnels built inside the IPsec on Cisco routers.

IPsec is ok and ping is

...

fm_eng by L1 Bithead
  • 2292 Views
  • 2 replies
  • 0 Likes

Pan os 3.1.8 VirtualWire and Microsoft NLB Problems

Good morning

I have a Virtual Wire configured on a PAN-2050 with Pan OS 3.1.8 and I connect in one Interface of it a Microsoft ISA Server 2004 and in the other interface a Catalyst Cisco Switch.

This Microsoft ISA SERVER 2004 has a Microsoft Load Balan

...

Pepen by L1 Bithead
  • 1528 Views
  • 1 replies
  • 0 Likes

App ID Classification

I noticed that Sophos anti-virus is classifed under business-systems/management, while McAfee, Symantec, Panada are all classifed under business-systems/software-update.

Seems to me Sophos is misclassified under the wrong sub-cateogry.

snormoyle by Not applicable
  • 1531 Views
  • 1 replies
  • 0 Likes

Update problems, PANOS 4.0.5

Hi, I need some help about a PAN update trouble, since december of last year can't update all the signatures of threats, APP's, url filtering and antivirus.

On the dynamic update section, when checking for new version, shows an error:

Failed to check c

...

How to identify specific object usage ?

Hello,

Is there a way to easily find out where a specific object is used in the policies ?

I know that I can use the filter filed in the policy tab (by using "drag and drop" or filter drop-down menu). However, when using group objects for multiples add

...

ldormond by L3 Networker
  • 3344 Views
  • 7 replies
  • 0 Likes

Resolved! User Identification - 4.1 LDAP - AD

Hi,

I have upgraded to 4.1 and added a ldap-server profile to the config so the firewall does the query instead of the user-id-agent.

When I go to group-mappings settings ( under user-identification ) and select the tab 'Group Include List',
I can see t

...

paulmeys by L1 Bithead
  • 3177 Views
  • 3 replies
  • 0 Likes

Retrieve Primary group of a user

Hi,

I've just upgraded my PA-2050 to 4.1.1 and configured LDAP servers and group mapping for building some policies rules based on AD groups.

Everything works well except one thing.

The primary group of a user is not retrieved.

And this is a problem beca

...

pboegli by L1 Bithead
  • 2115 Views
  • 2 replies
  • 0 Likes
  • 23591 Posts
  • 103 Subscriptions
Top Solution Authors
Top Liked Authors
Labels