General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

JayGolf_0-1691518400714.jpeg
JayGolf by Community Team Member
  • 870 Views
  • 1 replies
  • 8 Likes

User-ID doubt

I have some problems with user identification and I'm very confused about how it works.

In the case that we use User-ID agent with AD. Is it the following process correct?

1.A user makes a logon in PC-A , with his domain credentials.

2.An event is creat

...

teamviewer download

I tried to download temaviewer (TeamViewer_Setup_it.exe) but the firewall pa500 blocked me like viruses Trojan/Win32.agent.ckovs what should I do?

Molteni by L0 Member
  • 1449 Views
  • 1 replies
  • 0 Likes

Resolved! Support on PA for UNIX-Syle tracerouts

Does PA support unix-style tracerouts. I have enabled ICMP and PING, but tracerouts from unix hosts through palo alto are still being denied. Looking at this a little bit further, we noticed that windows-style tracerouts use ICPMP echo requests and r

...

bbivolaku by Not applicable
  • 2934 Views
  • 3 replies
  • 0 Likes

Securing SSH

Is it possible to secure SSH with a public/private key or some other means.  I have noticed an extremely high number of logon attempts, and want to block these as much as possible.  I am sure I can lock it down to certain source IP addresses, but I w

...

bschaper by L2 Linker
  • 1307 Views
  • 1 replies
  • 0 Likes

Resolved! Virtual Systems with Different PAN-OS versions

Hi All,

I heard that its possible to have a vsys with a different PAN-OS that the others, to do such things as test the PAN-OS upgrade out with rules, etc before applying it across the board to all.

What I can't see in the appliance UI, is how to do th

...

KatanaNZ by L3 Networker
  • 1812 Views
  • 1 replies
  • 0 Likes

Admin roles and Vsys

Hi All,

I'm trying to create a role based user, that is specific to a vsys. when creating a user when logged in as the superuser,

I can't create a user, and select the RoleBased profile that is based on a vsys, as the ok button grey's out.

Is there a st

...

KatanaNZ by L3 Networker
  • 1711 Views
  • 1 replies
  • 0 Likes

NTLM security credentials warning over VPN

Hi,

We have a couple of Linux Samba servers that can only talk NTLM 0.12 dialect(this is from packet captures).

If I am connecting to a Linux Samba share from the internal LAN my Win 7 client(that supports up to SMB 2.0) negotiates down to NTLM 0.12 an

...

Cannot download a file on php.net

Hi,

I have an issue wen my co-worker try to download a file from php.net.
I cannot find wich progam is called in my policies rules.

The file is available at :  http(s)://pecl.php.net/get/oci8-1.4.6.tgz  and cannot download it.

Thank you and sorry for my

...

ffgolf by L0 Member
  • 1694 Views
  • 3 replies
  • 0 Likes

Native VLAN configuration

I have configured a  couple of layer-3 subinterfaces on a aggregate, they are tagged as VLAN 700 and VLAN 800, in my cisco switch I have configured a trunk port that permits VLAN 700 and VLAN 800 to pass traffic across it. When plugged in, everything

...

bjaming by Not applicable
  • 5261 Views
  • 7 replies
  • 0 Likes

How to select multiple objects at the same time ?

Hello,

I wnder that there is no way to select multiple objects at the same time when creating a group object ? Indeed, when I create several addresses, and I create a group to inculde all these addresses, I have to select one address at a time.

Immagin

...

ldormond by L3 Networker
  • 3349 Views
  • 5 replies
  • 0 Likes

Resolved! PA-4020 max NAT rule limit?

I am getting very close to the 1000 max NAT rule limit on my PA-4020's, are there any plans to increase this limit in future releases of PANOS or is my only option to upgrade to a PA-4050?

debsPal0 by Not applicable
  • 3202 Views
  • 8 replies
  • 0 Likes

OSPF - BGP : Route-map control

Hi,

I've the following setup.

Two PA5020 in Active/Passive setup.

One VR = STX-VR

Running OSPF & BGP instances.

Primary firewall joined in OSPF since i have interface e1/1 joined Area : 0.0.0.0

Primary firewalls joined in BGP since i have interface e1/2

...

Top Solution Authors
Top Liked Authors