General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Submitting Suggestions

While creating some File Blocking Profile, I discovered a particular file type I wanted to block was not available. After searching the KnowledgePoint, I came to the realization, that we can't simply add a file type. Other discussions, pertaining to the same topic recommended submitting a suggestion for future release. However, I can't seem t...

TLC_IT by L0 Member
  • 2515 Views
  • 1 replies
  • 0 Likes

tcp_drop_out_of_wnd

Hi,on PanOS 4.0 I have to disable "tcp_drop_out_of_wnd" check with this command :>configuration>set deviceconfig setting tcp drop-out-of-wnd no>commitHow to disable "tcp_drop_out_of_wnd" check on PanOS 4.1 (4.1.5) ??Thanks,Regards.

TCP Timeouts ... Again

I have a bunch of connection, 12 to be exact. From a webserver to a Oracle DB Server. They timeout every 2 hours. They pass through a Cisco ASA and a PA 4020. I've created and override rule with a custom app with no timeout. (see attached)I'm in the position where I need to prove this is not the Palo Alto killing the connection. I'm sure it's n...

jickfoo by Not applicable
  • 10766 Views
  • 7 replies
  • 0 Likes

Help - Userid Responsiveness

We're at the point where we want to apply URL Filtering policies based on userid. This means its very important that Pan-Agent is accurately identifying users. We did a test and added a user to a monitored group. The policy started working properly. We took him out and it took hours before the policy reverted properly.We only have 1 PanAgent dep...

jhickey by L3 Networker
  • 2705 Views
  • 2 replies
  • 0 Likes

Resolved! How to debug commit?

Hi folks,does anybody know how to debug the failing commits on a Palo Alto Firewall? The onliest what i can see is "failure on pushing config to device".user@pan> show jobs allEnqueued ID Type Status Result Completed --------------------------------------------------------------------------2012/04/27 15:12:4...

mhuels by L3 Networker
  • 13002 Views
  • 10 replies
  • 0 Likes

Resolved! redhat ssl-vpn

Is there away to get netconnect to work with redhat?Looking to use it with RHEL 5/6 servers.If so does anyone have a write-up?The client is java based, so I would guess that it should not be hard to get this integrated.

erantanen by Not applicable
  • 2597 Views
  • 1 replies
  • 0 Likes

Issue with Global Protect on 4.1

Hi guys,This is my first Global Protect implementation and running into a snag with I think the portal piece of it. This particular box is not the licensed product with extra features like HIP its just basically the netconnect option. Basically I have followed the 4.1 guide for Global Protect setup and the only thing I did differently was not ...

malleus by Not applicable
  • 2397 Views
  • 1 replies
  • 0 Likes

Resolved! NetConnect using AD logins - catastrophic apostrophe

Seems using non-alphanumeric chars in a username for the NetConnect login is causing an invalid user/pass error. At least one user with the name "O'Brien". You could argue it's not wise to use punctuation in a username, and I'd be inclined to agree. Nonetheless, is this a known bug?Edit: I double-checked by making "Test O'User" and similarly...

nwallette by Not applicable
  • 3699 Views
  • 2 replies
  • 0 Likes

SSL VPN Routing

Client SSL VPN configuration is working from client to server. The client can ping the server no problem. The server however, can not ping the client. What am I missing? The routes on the server appear to be correct, and I'm confident the packets are getting to the firewall but being dropped. I can't see them in the logs though... which to ...

cenders by L3 Networker
  • 3677 Views
  • 3 replies
  • 1 Likes

Problem authenticating SSL VPN with eDirectory Users

HiI have set up a SSL VPN on a PA-500 with Pan OS 4.0.7.The problem is that I cannot log in with certain eDirectory users. I have checked those users are in the same group as the ones that work; that group is the one allowed to log in.I would appreciate any help on this.RegardsEmilio M.

emaneiro by Not applicable
  • 4373 Views
  • 5 replies
  • 0 Likes

Dealing with Drop Box

Hi,Can some one help as we are new to this.We want to blook and application call Drop box, Our users use this application to pull data from external networks wich we want to allow but we want to block drop box sharing our data off our network. could some one help me do this?

payntonm by Not applicable
  • 5065 Views
  • 2 replies
  • 0 Likes

DNS Risk Catagory 4?

Hello,I don't understand why DNS forwarder traffic is considered Risk Catagory 4? I mean how can you use the internet without DNS?Thanks,Daniel

numberall by Not applicable
  • 5103 Views
  • 6 replies
  • 0 Likes
  • 24401 Posts
  • 123 Subscriptions
Top Solution Authors
Labels