This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Panorama Utilization Spikes

Hello,Is there a scheduled process that runs every 15 minutes on Pano? CPU and memory spike at same timeframe every 15 minutes. The CPU spike is quick - while the memory spike jumps - and then takes some time to release the memory usage. Running 4.0.3. Did not notice this during the 3.x code - and only just noticed the other day (been on 4.x ...

MGoodnow by L4 Transporter
  • 4823 Views
  • 2 replies
  • 0 Likes

How to shutdown a PA-4020

We need to shutdown a PA-4020 on 3.1.5 for relocation. "request restart system" no longer works. Does anyone know the new command line command? Thanks

Effectivenes of DOS protection

Hi, will appreciate the comments of the PAN community about the efectivenes of the DOS protection features of Palo Alto. Are there DOS attacks that can't be mitigated by Palo Alto ?ThksMario

Resolved! Packet flow question

Hi everybody,Device: PA-500Software: 3.1.7we have a problem with our vpn tunnels. The tunnels are up and running,but when I try to connect or ping a system over the tunnel we are getting timeouts.To figure out what happens, I did a packet flow all and a packet capture and here I get an entry which I can not explain."L2 broadcast cannot be forwar...

indevis by L2 Linker
  • 6467 Views
  • 6 replies
  • 0 Likes

Resolved! VPN Password Length

Hello All,I noticed that there is a password length limitation when using the VPN page. Can this be increased to something like 40 characters to support longer OTP characters?Thanks,Will

ausit by Not applicable
  • 3157 Views
  • 1 replies
  • 0 Likes

Resolved! NetConnect Certificates

I'm looking for a bit of info on how the NetConnect client uses certificates.I have a VPN endpoint configured on my PAN firewall which is configured to use a GoDaddy Wildcard SSL certificate. When I connect to the web portal the installed certificate is valid and recognised by the browser.When a user authenticates and the NetConnect client start...

ethiSEC by L2 Linker
  • 2875 Views
  • 1 replies
  • 0 Likes

Firewall fails with "APT-HTTP/1.3" in useragent string, like ubuntu do during update

user@unix:~/kannweg> wget -d -U"nonsense APT-HTTP/1.3" www.dackel.defails allways with2011-06-16 13:44:16 FEHLER 503: Service Unavailable.user@unix:~/kannweg> wget -d -U"nonsense APT-HTTP1.3" www.dackel.deworks.There is no log entry of this in any firewall log.Seems to be an intolerance of the Palo Alto firewall to "APT-HTTP/1.3".

mhuels by L3 Networker
  • 2316 Views
  • 1 replies
  • 0 Likes

Resolved! no-pbf action rule not matching traffic

Hello,After creating some PBF rules, I'm checking out if there's some traffic matching or not. I realize that PBF regular rules, are SHOWING matches. But the PBF with no-pbf action rules are not showing matches. I believe that the action is working but the counter is not working properly. Do you know the expected behavior?By the other hand, If t...

Captive portal for user authenticated

Hi,We have a client with Active directory domain, this client have a lot of user with the same username (generic) in domain. Actually, when a user wants to access to Internet, the proxy IAS ask the user another user/pass and then if the user have access to internet put another user/pass. Is it possible with PaloAlto? I see that the source, in ca...

COMIP by L2 Linker
  • 2351 Views
  • 1 replies
  • 0 Likes

Authentication Sequence clarification

Hello,We plan to use PA in order to provide Guest WIFI access in our Network. We need a clarification about authentication sequence feature. We plan to have two LDAP servers : the first one with only corporate users and the second one for external users. We want the captive portal to grant access to the Guest WLAN to any coporate user (with a sm...

nmarchal by Not applicable
  • 3182 Views
  • 2 replies
  • 0 Likes

REGEX Queries (RSA ID Number)

Hi All,Hope someone is able to help. I have no experience with regexSouth African ID Number are a 13 digit number incorporating date of birth, gender, citizenship and there is a check digit at the end to vilidate the number.I am looking for a way to vailidate these ID numbers.For example my ID number is 7902275404184The first 6 numbers are date ...

Resolved! Custom logo and user info avoiding peer' syncronization

Hello,I'm pretty sure that I'm beating a known bug from 4.0.1 but I wish to make sure this point before to move to 4.0.3.Syncronization between the active and the passive pans use to fail. Sometimes the running config sync fails and some minutes later it started to work without human intervention. BUG fixed at newer versions?Custom logo and user...

cant ping out from PA 2020

hellojust setting up a PA 2020 which has a management IP configured - should this be enough to perform license key registrations/downloads?eth1/1 vwire untrusteth1/2 vwire trustwhen i telnet to device i cannot ping a public IP addressi have 1 policy from trust/any/any/any to untrust/any/any/any allowthanks for any helpS

sue_town by Not applicable
  • 9894 Views
  • 6 replies
  • 0 Likes

Panorama policies pushed into device not appearing in restful api when querying managed devicewhen

Hi,I'm using Panorama to manage PA-2020 device. I defined a shared policy (Pre rule) and pushed it into one of the vsys.I've verifiedin the web interfacethat the rule appears correctly.However, when pulling the configuration from the device managed by Panorama via rest api the rule did not appear at all. I used the following query to do it:http...

  • 24381 Posts
  • 123 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks