General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 449 Views
  • 0 replies
  • 2 Likes

PA 2020 Active/Passive Cluster on SFP Ports

Hi,

I have two  2020 Palo-Alto firewalls with serial no.0004C102807 and 0004C102848. I have to configure them in Active /Passive Cluster. As per the design the two PA Firewalls are not in the same location and they are at different locations and Ether

...

itsecll by L1 Bithead
  • 2402 Views
  • 3 replies
  • 0 Likes

url filtering with groups moved user

I have 2 surfing policies one referencing group1 the other group2

if I move a user from group 1 to group 2 he is still restricted by the group 1 policies

how do I force the panagent to look again and get the list of group to user again

PA in active-active mode and Cluster ID

Dear all,

we ran into a strange problem tonight.

We are running PA 4.0.8 in active/active because me might encounter asymmetric routing.

We have two A/A clusters in different data centers. Both clusters have the same cluster ID.

The traffic is going only

...

AndreasB by L2 Linker
  • 2187 Views
  • 1 replies
  • 0 Likes

Bulk creation of host objects

We need to create a large number host objects (i.e. IP address objects).  Tech support only pointed us to a KP article "Using the XML API" which is Greek to me.  Does anyone have any suggestions/solutions?  I would think that someone would have neede

...

legeremt by L0 Member
  • 4613 Views
  • 5 replies
  • 0 Likes

Trap SNMP for threat

Hi all,

From the mib file named PAN-TRAPS.mib I can see that there are some information about threat objects.

Is there anybody who knows how to use this.

I have tried to generate some threats but no traps were sent to the manager.

Thanks

Bruno

Need assistance creating a custom application

     I have a warehouse management system, and I need to identify the traffic from the WMS client. 

Here is a section of the tcp stream from a packet capture:

V103^46^^~0~~0~~-1^=^002050^get encryption information

V103^45^45736^0^0^^1^1^s^~name~4

...

bhayes by L1 Bithead
  • 2254 Views
  • 3 replies
  • 0 Likes

Routing between Virutal Systems with a VWIRE

We currently have our Main PA configured in a VWIRE deployment with a TRUST and UNTRUST Zone.  We have many different VLANs on our network and the default route for all internet bound traffic passes through the VWIRE.

We want to configure multiple VSY

...

What is everyone using for anti-spam?

Sorry if this is inappropriate here, but I figure who else better to ask than other Palo Alto Networks customers.

As much as I love our PANs, unlike some other firewalls, they don't really help with spam. So I'm wondering if other users would mind sha

...

bjdraw by Not applicable
  • 4979 Views
  • 2 replies
  • 0 Likes

Resolved! Allowing access to Facebook and Twitter

We have a setup where we restrict users access to personal and social sites like twitter and facebook to lunchtimes and out of hours, which is working fine using a schedule.

We however have a select group of users who require full time access to faceb

...

lhank by L0 Member
  • 6458 Views
  • 5 replies
  • 0 Likes

FQDN and DNS failure

I'm looking to use FQDNs inside Address Objects but have some reservations.  What happens if my DNS goes down, or becomes corrupted for some reason.  In other words, when using FQDNs, what happens if the PA can't resolve the address?  Is all traffic

...

  • 23703 Posts
  • 110 Subscriptions
Top Solution Authors
Labels