General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Threat Vector, a Unit 42 Podcast, is Now on LIVEcommunity!

We have some exciting community news to share: Threat Vector, a Unit 42 podcast, is now on LIVEcommunity!

 

Threat Vector is your compass in the world of cyberthreats. Listen to this biweekly podcast to learn about unique threat intelligence, cutting

...

jforsythe by Community Team Member
  • 93 Views
  • 0 replies
  • 0 Likes

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question. Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

JayGolf_0-1691518400714.jpeg
JayGolf by Community Team Member
  • 3334 Views
  • 2 replies
  • 14 Likes

Deploying SSL decryption with Public CA

I am trying to figure out how to deploy SSL decryption. I have it working in a test environment using an in house CA and by importing the cert. into my browser. As we have Firefox users and can't export the Trusted Root CA with a GPO, I am looking fo

...

IPSec Tunnel to Windows Server

I have learned, PAN will only build route based and not policy based IPSec tunnels.

We need encrypted communication between several Windows Server 2008 systems in the outback and a lot of them in the central office. Till now, we build a site-to-site V

...

mhuels by L3 Networker
  • 4732 Views
  • 8 replies
  • 0 Likes

User Identification Agent

Hi,

I have a question concerning the User Identification Agent.
Yesterday we had  a problem with wrong user identification. The problem is solved in the meanwhile  but it would be nice for me to understand how the agent works.

To solve  the wrong identi

...

Virus: use of the packet capture

Hi,

  I wanted to know what you usually do when you see a Virus detected on the PA.

  How do you check that it is not a false positive?

  Do you use the packet capture in the case of a virus?

  Does the name/id of the Virus help you to find more details

...

Dynamic update sych in HA environment

We have a pair of 4050s in a HA configuration.  I was wondering if there was anyone that has a best practice or advice on setting up the Dynamic update synch. We are looking for the best way to keep the environment up to date through dynamic update w

...

Why are new units shipped so out-of-date?

We have purchased eight units (2020s and 4020s) in the past two months and they all shipped with PANOS v3.1.4, no updates of any kind, and an incorrect setting for the URL filering (surfcontrol vs. brightcloud) which requires a full reboot to fix. It

...

KGC by L3 Networker
  • 2409 Views
  • 2 replies
  • 0 Likes

LDAP Authentication questions

Hi everyone,

when I configure LDAP for authentication,
then I'm getting the groups in the distinguished name (dn) format.
I can choose them in policies and in the authentication profile.

Now my questions,
is the pan-agent then needed for policy authentica

...

indevis by L2 Linker
  • 3950 Views
  • 4 replies
  • 0 Likes

How to disable threatID for defined IP addresses

Hello!

I would like to disable one threatID for specific sources/destinations (e.g. when source or destination is file sharing server), but I would like to enable it for all other users and/or addresses. Is it possible to do that?

Thank you and best re

...

mkopcic by L2 Linker
  • 2144 Views
  • 1 replies
  • 0 Likes

How to handle if control link/data link failure in HA

Hi All,

I would like to know if our environment using 2 x PAN and formed HA. The control link and data link connected to switches as our office over 3 floors in the same building. If the switch failure, how did the PAN response? Will they are not able

...

johnnyw by Not applicable
  • 3428 Views
  • 3 replies
  • 0 Likes

Resolved! blocking files based on size ..

hi,

i was looking for a way on how to block files based on size like to block files which is greator than 3mb for exmaple.

i thought it could be created in custom vulnerability but i cant find.. so is it possible ?

Any documents with Logging and Splunk

I got as far as sending all the logs to our Splunk server, but am having problems with generating simple reports or using the Splunk for Palo Alto networks App. Any tips in getting that to work?


I found one PDF from a while back, but doesn't quite see

...

  • 24126 Posts
  • 100 Subscriptions
Top Solution Authors
Labels