General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

ftp export log traffic query

Hello, does everyone know what could be a possible acceptable values for that "query" command?I would like to export traffic logs from the PA box to an SCP/FTP external server, but don't want to copy all the entire traffic log.That "query" command sounds like "make a query from some sources IP/zones and so on...", but I couldn't find any rele...

Syncplicity

Hello,I've just started working with a PA-500. I miss the ability to block Syncplicity. Do I missing something? Or is it not supported? Thank you in advance, Hans

Resolved! Outbound NAT

I am getting the error "Mismatch static-ip address range between original address and translated address" when I try to create a corporate outbound NAT rule. The rule is as follows:trust -> untrust -> src (10.0.0.0/8) -> dest(any) -> src trans static IP (x.x.x.x/32) bi-directional (no)

craymond by L4 Transporter
  • 3746 Views
  • 3 replies
  • 0 Likes

Security certifications (ICSA, Common Criteria EAL)

Paloalto devices has some /* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-parent:""; mso-padding-alt:0cm 5.4pt 0cm 5.4pt; mso-para-margin:0cm; mso-para-margin-bottom:.0001pt; mso-pagination:widow-orphan; font-size:10.0...

asecus by Not applicable
  • 6823 Views
  • 6 replies
  • 0 Likes

policy installation proccess

heyi have some policy that gives me warning when i do commit on it so i dont realy understand the policy calculation proccedure, ill be glad if you could explain it to me.i attached a policy screen shot, when i do install policy i get warnings for example face-book chat that it needs web-browsing and jabber to work.lets focus about the manage zo...

minow by L4 Transporter
  • 3433 Views
  • 3 replies
  • 0 Likes

GP Agent error 12044

Hello people,Today we had an issue with a user moving from our old VPN setup to our new GP agent setup.The user kept being unable to connect the agent. The error thrown was 12044.Our setup is validating users w. client certificate against user AD account.It turned out that the cause was a " ' " in the user surname. Once removed and a new user ce...

sitecore by Not applicable
  • 3621 Views
  • 3 replies
  • 0 Likes

Resolved! PAN User ID agent consuming bandwidth

I have gone through these forums, and looked at the various admin guides, but I still need help. Is there really not *detailed* guide to this software?I have the user-id agent 4.1.4 installed on two domain controllers, for HA, and the Palo Alto firewall pointing to both user-id agents. That seems to be working.The problem is that the user agen...

EdwinD by L3 Networker
  • 7916 Views
  • 7 replies
  • 0 Likes

Perfomance on PA 4060 - Huge Disappointment

We are having a poc at an ISP with a 4060 . It is a huge disppointment performance wise . We are seeing very high dataplane utilization on very small sessions. 50% on 220,000 sessions. 38% on 149,000 sessions. This is a box that is supposedly can handle 2M sessions .Palo Alto is claiming there is nothing wrong with the unit as it is performing a...

usvi by L3 Networker
  • 9332 Views
  • 16 replies
  • 0 Likes

Trouble with customizing GP Login Page

Hi,I'm trying to customize my GlobalProtect Portal Login Page. I figured a good way to start would be to export the default page from the PA, modify it, then re-import it. I started out kinda complicated, but for troubleshooting purposes I've just changed a single letter in the page (instead of saying "Palo Alto Networks" it now says "Pallo Alto...

GV27 by L1 Bithead
  • 3706 Views
  • 2 replies
  • 0 Likes

User-ID mapping lost

model: PA-500sw-version: 4.0.11PanAgent: 3.1.2Domain controller: Windows server 2003Client SO: Windows XPUser-ID mapping from AD on my customer's network work fine, but only one user, who is logged on his workstation and also on his notebook, sometime loses IP-user association and PanAgent show his IP with user "unknown".I attach an image with ...

lauro7 by L0 Member
  • 4236 Views
  • 3 replies
  • 0 Likes
  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels