General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 1730 Views
  • 0 replies
  • 0 Likes

How to sync Captive Portal Redirect Host in A/A - Setup ?

Hi *,

I have problems to sync Captive Portal Settings in a Active/Active HA-Setup.

I configure the CP on the active primary host as follows :

     Enable Captive Portal - checked

     Server Certificate - cp-cert

     Authenticaation Profile - company-rad

...

PAN agent Group cache on PAN

Hello, I'm using PAN OS 3.0.5 and doing

> debug device-server dump user-group name

followed b the tab I'm seing very old group that are not anymore in the Filter group member of the pan-agent. It seams that the PAN have cached the olds user/group relat

...

PA 5050 HA Failover Premeption

I have configure Active/Passive HA between two PA 5050 Firewalls. One is at high(passive) Priority and another is low(Active). I have also configure Preemtion on Active Firewall, meaning if somehow Active PA fail ,the Passive become active ,but when

...

itsecll by L1 Bithead
  • 2305 Views
  • 2 replies
  • 0 Likes

blocking file-sharing subcategory

I would like to block everything in the file-sharing subcategory of the general-internet category. Currently we are allowing this subcategory.

I would like to see what the impact of a policy like this would be, so I setup a policy for this subcategory

...

KenKruger by Not applicable
  • 3306 Views
  • 3 replies
  • 0 Likes

request restart software

I had an issue where mgmt server and device srvr both where high in memory usage and commits where not taking place.

I issued the following commands

debug software restart device-server

debug software restart management-server

with no change except that

...

GlobalProtect OnDemand mode

Hello,

We use PAN OS 4.1.1 and GlobalProtect 1.1.0, free version of GlobalProtect.

We have configured GlobalProtect in OnDemand mode.

When the GlobalProtect software starts it connects to the PA and try's to logon with the stored credentials (Username /

...

Exploit:Win32/Pdfjsc.ABS will not recognized

The new PDF Exploit "Pdfjsc.ABS", which travels with a lot of Emails (for instance: "Here is the new Elster program" - Elster is the name of a german tax program), will not recognized by PAN-Firewall. Neither on Email nor on Webtraffic, so i can atta

...

mhuels by L3 Networker
  • 4176 Views
  • 4 replies
  • 0 Likes

Resolved! Monitor NAT Traffic?

Can anyone think of a method to monitor the NAT Translation?  The back story is this... We have remote access points that point to a public IP address and then get NAT over to the private address of the wireless controllers.  When we migrated to the

...

mcw015 by Not applicable
  • 23378 Views
  • 1 replies
  • 0 Likes

incomplete action

hello

we have our own web server which we host web sites from

I have setup my incoming nat rule follow

source zone = untrusted

des zone = umtrusted

des address = my internet port ip

service = service-http

des tran = my local web server ip

Security rule

sou

...

High Dataplan CPU PA2050-4.1.6

I have only 28,000 active session at this time, which isn't a lot, and my CPU is roughly between 70-80% constantly.  We are in our summer semester at school which doesn't have a lot of users on our network. I am nervous when people return in the fall

...

u10723 by Not applicable
  • 2229 Views
  • 1 replies
  • 0 Likes

Resolved! what's mean counter url_request_pkt_drop?

Hello guys.

I experienced increasing constantly counter "url_request_pkt_drop" when installed PAN to customer. PAN showed that counter means "the number of packets get dropped because of waiting for url category request"

So I think that means simply pa

...

ttongfly by L3 Networker
  • 5887 Views
  • 3 replies
  • 0 Likes

Resolved! Backup and restore Config

I have a PA-500 Firewall running software version 4.1 and have to make some rather drastic firewall changes due to changing ISP's and outside IP addressing.  I would like to backup and save my configuration, in case I mess something up.  How can I ta

...

kaysun by L1 Bithead
  • 4298 Views
  • 1 replies
  • 0 Likes
  • 24224 Posts
  • 117 Subscriptions
Top Liked Authors
Labels