General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Increased Data Plane CPU Utilization in 4.1.4?

We recently upgraded our PA-4020s from 4.0.9 to 4.1.4 a few weeks ago.  However, since the upgrade, we have noticed a 20-25% increase in our data plane CPU.  We usually averaged around 40% during business hours, but lately it has increased to 60-65%.

...

sham by Not applicable
  • 2112 Views
  • 3 replies
  • 0 Likes

CLI command for LDAP status in 4.1.4

Hi,

I am trying to setup a server profile for LDAP in PAN OS 4.1.4

Unfortunatelly I only see some groups of users but not the individual users themself.

Running the command "show users ldap-server" is not available in 4.1.4.

Attached is a screenshot of t

...

cschmi by Not applicable
  • 9148 Views
  • 16 replies
  • 0 Likes

Resolved! Is there a way to copy partial configs?

If I had a cisco, I could copy/paste partial configs between devices, is there away to do this with the PA?

I have some tunnels that need to get built across several firewalls, but I dont want to go to each one.

erantanen by Not applicable
  • 2538 Views
  • 2 replies
  • 0 Likes

Resolved! DHCP, AD and VLANS

We've just purchased our Palo Alto and are getting ready to configure. I just had a quick question on using AD.

Currently we have HP Procurves connected to a Radius server and Active Directory running DHCP. We'd like to simply and take the Radius serv

...

amariano by Not applicable
  • 3117 Views
  • 3 replies
  • 0 Likes

Resolved! DHCP max number of clients

Hello world,

My company is considering deploying a PA box to do some basic routing, NAT'ing, and other functions. One of those is dhcp. We'd like to use the PAN to serve up dhcp addresses for a number of VLAN's. What's the max number of clients that c

...

markjx by Not applicable
  • 2746 Views
  • 3 replies
  • 0 Likes

FAIL OVER SWITCHs

Hi guys ,

i want to explain my problem.

I have a 2 switches in fail over with link aggregate with 3 vlan`s. (LAN , SAN , Management)

I have one PA-500.

So

How can i configure my PAN interfaces , when 1 switch fail , the 2 switch get all flow and my fire

...

Thiago by L3 Networker
  • 3348 Views
  • 9 replies
  • 0 Likes

Resolved! Inconsistencies in Panorama?

Whether I am viewing the Security rules in Panorama or from the 2050, I noticed that the Security rules are listed on both the firewall and in Panorama.  However, this is not he same for the Policy Based Forwarding rules. The Policy Based Forwarding

...

Resolved! Commit Failed (4.0.4)

Hello,

Commit on our PA4050 Cluster running in Active-Passive mode on PANOS 4.0.4 is not working since today.

We get the following messages :

OperationCommitStatusCompletedResultFailedDetails 
  • device: config commit phase 1 aborted
  • Management server faile
...

Duplem by L2 Linker
  • 7704 Views
  • 8 replies
  • 1 Likes

SSL Decryption and Spoofing

If I enable SSL decryption and the PAN effectively works as a "man-in-the middle", the client recieves a cert error saying the certificate has not been generated by the destination server. No problem, as I can add the PAN cert as a trusted cert in my

...

Facebook-chat not blocking for specific account!!

hello !

I 'have seen on the same PC with the same windows user a strange problem:

when a user  is connected  on his facebook, I can see in the log facebook-chat DENY and the chat is blocked

when the same user is connected with an another facebook accoun

...

alle by L3 Networker
  • 3849 Views
  • 6 replies
  • 0 Likes

Resolved! Palo-Alto and Cisco WAAS

Hello,

We are migrating to a Palo-Alto 4020 cluster from our PIX firewall cluster. I have a question regarding Cisco WAAS and WCCP v2 traffic. The front end router redirects to a Cisco WAE via WCCP services 61 and 62. Both WCCP and the WAE mark the o

...

Dual ISP, PBF and DMZ

Hello.

I have a specific question about certain situation. There is a customer with 2 ISPs, let's call them ISP1 and ISP2. Customer has a single PA device to which both ISPs are connected. Each ISP provides a block of public IP addresses which are rou

...

santonic by L6 Presenter
  • 5515 Views
  • 11 replies
  • 0 Likes

Maximum number of UserID Agents for 4.1.x ?

Whats the maximum number of UserID agents that can be configured to talk to the firewall ?

ie. Will the firewall complain if we have 200+ userID agents configured to talk to it?

I know each agent can monitor a maximum of 100 domain controllers.. but ho

...

ucteam by Not applicable
  • 4504 Views
  • 10 replies
  • 0 Likes

static routes

Hi

I have 4 interfaces;

eth1/1 = sub1 -> 10.10.1.1/24

eth1/2 = sub2 -> 10.10.2/1/24

eth1/3 = mpls -> 10.10.3/1/24

eth1/8 = wan -> x.y.z.w

default router on all interfaces

but now I need to route all 0.0.0.0/0 traffic from sub1 over the MPLS (10.10.3.10) and

...

FlexyZ by L3 Networker
  • 3044 Views
  • 6 replies
  • 0 Likes
  • 24301 Posts
  • 99 Subscriptions
Top Solution Authors
Top Liked Authors
Labels