General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Dropping of SNMP polling when committing changes

I have a pair of PAN-500 in HA on 3.1.9 and our NMS system polls the PAN using SNMP.Everytime I commit a rulechange, i noticed that it stops answering SNMP requests for about 2 minutes.The PAN still passess traffic but I've seen this with ruleset commits and software or definition updates.Is this by design?

Resolved! View NAT table

Is there a way from the CLI to view the NAT table? For example, I want to see what NAT address my host is allocated when I initiate connections to the Internet. I am running software version 3.1.9 on a PA-4020 appliance.

adoble by Not applicable
  • 4784 Views
  • 1 replies
  • 0 Likes

Monthly PDF Reports

Anyone know of a way to automatically run reports for the last 30 days and email them out? Seems so simple, yet the interface won't allow it!Help!

Resolved! SSL-Decrypt with ftp protocol

Hi, could I use SSL-Decrypt wiht FTP-SSL (no secure ftp). It seems doesn't work, if you put "decrypt" in SSl-Decryption the ftp connection begin but it stops and never shows the palo Alto certificate. I've put "any" in category column but I've tested with unknown too. Could it be that the SSL-Decryption doesn't work if the destination is not a U...

How to match custom SSL based applications

I'm trying to tag a particular application protocol that used TLS/SSL as a security wrapper.The most accurate way I can ID this application protocol is to match against the FQDN subjectName returned by the server during the certificate handshake.I've setup a custom App-ID configured as:-Parent App: sslPort: tcp/443Pattern Match: Context: ssl-rsp...

apackard by L4 Transporter
  • 3314 Views
  • 2 replies
  • 0 Likes

Make a feature request

Hey All; We usually get through our SE to make feature requests. Is there a way to submit these online ?If so mine are :1) Websense Style Report URL filter: Access time by category of user traffic2) Daily usage report categorized by categories with icons, like Websense.3) Ability to import dictionary of regex into the DLP component (including ...

amansour by L4 Transporter
  • 2821 Views
  • 1 replies
  • 0 Likes

SSL 1.3.1 changes

I'd like to upgrade to the 1.3.x SSL client to support OSX Lion. I'm concerned about the comments that I've seen about the upgrade not working for PC users that are not administrators on their machines. Does anybody know if the 1.3.1 SSL client addresses that issue? I looked at the release notes and didn't see any mention of the changes between ...

jhpdart by Not applicable
  • 2904 Views
  • 3 replies
  • 0 Likes

changing computers on network from static to dhcp

we are now changing over to dhcp on our network for our computers and they are currently setup with static ip. Any computer in palo that is blocked from the internet or going outside is setup with the name of workstation and the ip address. Since the ip addresses are going to changeeverytime they reboot how am i going to be able to keep those...

mprogc by Not applicable
  • 1952 Views
  • 1 replies
  • 0 Likes

Captive Portal auto popup

I was wondering if there was any way to have the browser popup with the CP login page whenever a user tries to use anything (email, chat, etc) that requires internet connectivity. I've seen this in some hotels before and think it would be useful here. Just so they know what they have to do to be able to get out. We have most things blocked fo...

bvest by Not applicable
  • 2821 Views
  • 1 replies
  • 0 Likes

OSPF Resets

While doing some testing on a PA pair at a new site, I noticed that at least one type of configuration change would apparently cause OSPF to reset and lose all of the routes out of the site. Specifically, I was enabling and disabling IPv6 on interfaces. When I would commit the change, the site would drop communications for thirty seconds or so u...

cosx by L2 Linker
  • 2044 Views
  • 1 replies
  • 0 Likes

Poor Man's HA

Greetings,We have a single PA-500 which we will be putting guest (non-critical) internet traffic behind. Currntly it is patched in as such:eth1/1: L3 - Trustedeth1/2: L3 - UntrustedIs there anyway to leverage HA between interfaces on the same device? Reason being is if one of the up-stream switches fails, I'd like to not have to physically mov...

mrsold by Not applicable
  • 3525 Views
  • 4 replies
  • 0 Likes

NetConnect OS support

When will NetConnect support Linux/Unix and Ipad? Am I correct that currently Netconnect only supports:Windows 7 32-bitWindows 7 64BitMacOS 10.5 32-bitMacOS 10.6 32-bit??

general problems

hi, we cant use automated updates since Nov 24th .when i try to update from dynamic updates it gives this error. ”Failed to check content upgrade info due to generic communication error. Please try again later”. when i try to update from file it looks like this. 221-813, 221-813 Unknown Unknown 0 KB Unknow...

blueteam by Not applicable
  • 5887 Views
  • 7 replies
  • 0 Likes

HTTPS apps identified without decryption

Hi all,in my configuration I have neither SSL Decryption implemented nor URL Filtering. I only have 1 policy: "trust to untrst accept all" in Vwire. PANOS 4.0.2If, from my PC behind PAN device, I try to go to: _https://www.facebook.com_PAN device shows me the app facebook-base in the Traffic Logs.If I put a block policy for all facebook traffic ...

  • 24400 Posts
  • 123 Subscriptions
Top Solution Authors
Labels