General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

MAC Destination Problem (4.0.4)

We have a new pair of PA-2050 (HA).The last two weeks works fine with 4.0.1 but last Thursday I upgraded them to 4.0.4 and two of our networks had problems to go trought the firewalls.I saw in the traffic monitor that the rules were ok and that traffic were allowed, but the response not reach any equipments of that network.Then i use wireshark a...

pan agent

Hello Guys,sorry to bother you.have a question, for Pan agent to identify users traffic. does it use only the management port ? ? ?regards,bp

nettobe by L1 Bithead
  • 3172 Views
  • 3 replies
  • 0 Likes

Resolved! Temperature setting

Does anyone know what the high temperature alert setting is on a PA-500? Are the alerts user configurable?Mike

Activate Zone Protection with default values

Hello,How safe is to activate Zone Protection with default values in terms of having problems with blocking normal traffic afterwards? Is there a way to measure from Palo Alto (3.1.7) the total incoming packets/sec to our network in order to be able to customize the Zone Protection default values?Kind Regards,Andreas

If I enabled AV, PA's speed was degradation.

Hello all. I’d like to know about AV of PA relate to inspection ability and speed degradation. I had a test with Anti-Virus/Spyware signature.When I send a zip compression file throughout PAN(4.0.3), PA’s speed was degradation but if I send a RAR throughput PAN, it is not show speed degradation form PA. There are difference compression method ...

willstech by L3 Networker
  • 2844 Views
  • 2 replies
  • 0 Likes

QoS profile Class names

Hi All,Can the class names ( 1-8 ), be changed, to names instead of numbers?Primarily I'm interested in this for the real time vies via QoS statistics, so its easier to see in the graph, what colours and namesare actually for what application groups that I'm applying QoS too.

KatanaNZ by L3 Networker
  • 2101 Views
  • 1 replies
  • 0 Likes

Resolved! no-decrypt list?

I am looking for a list of sites that are known not to work with SSL decryption but have been unable to find anything. I would like to see a KB article published or a do-decrypt forum so users can post what they find. Citrix published IP addresses for GotoMeetingBlock 1 216.115.208.0-216.115.223.255Block 2 216.219.112.0-216.219.127.255Block 3 6...

ksupport by L0 Member
  • 3420 Views
  • 1 replies
  • 0 Likes

Panorama 4.0.4: storing PANOS images on Panorama-Deployment-Software

Hello, Everybody,we would like to download all the image files of the different PanOS versions we are using, in order to have a local copy of such files.We have downloaded and stored 5 image files with no problem, but when we try the sixth image, it is downloaded, but then we find out that one of the previously stored files has been deleted...Do...

Bucche by L2 Linker
  • 4945 Views
  • 4 replies
  • 0 Likes

Resolved! OSPF and NAT

Hi,I'm running OSPF on my PA-2050 box.I'm doing NAT for a specific subnet and I would like to distribute this subnet with OSPF.Original subnet 192.168.21.0/24NAT subnet 192.168.221.0/24Neighbor routers only knows 192.168.21.0/24, how can I send the NAT subnet ?

URL Filtering Log

Hi all,Are there anyone found URL Filtering log like below:*.dropbox.com/*.settrade.com/*.facebook.com/What does " * " means?

Resolved! App ICMP vs. Ping

When icmp is specified as an application in a rule, it appears that icmp requests and replies do not match that rule. The application ping must be added to the rule for a match to occur against echo request and echo reply packets. Isn't ping a subset of the icmp protocol as a whole? I understand how to make this work by adding the application...

  • 24400 Posts
  • 123 Subscriptions
Top Solution Authors
Labels