General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! sample logs of licenses expiration

Hello,

Could you give me the sample logs that the PA log before the following licenses expira ?

- Support
- URL Filtering
- VSYS upgrade

We have the log of threat prevention license:
- License for feature threat will expire on 2009/12/11

Regards,

Defining Policies, Profiles, etc via CLI

Our primary interface with devices and management systems is through the CLI.  Essentially, what I need is a guide that explains the syntax and how to create/update/delete policies, security profiles, etc via CLI.  (Neither the CLI Reference nor the

...

Troubleshooting PAN-Agent connectivity

Hello, I have PAN OS 3.0.5 installed on a cluster (active passive)

The passive device seams to have problem to contact PAN

As you can see from ommand below 10.44.36.125 Agent can't be reached (on active is ok)

(active)> show pan-agent statistics
Name    

...

Log files meaning

Hello,

With command tail I can read log from PAN FW. ...

questions :

what's difference between mp-log and dp-log ?

what does the mp-log files below contain/mean (i.e ha_agent.log is for ha system) ?

appWeb.log.old                masterd_manager-infra.log
b

...

Resolved! Pan Agent Expire setting

Hi,

I see in the logfile the information :

2010 01 04 10:07:25, ########################### Start Pan-Agent #############################
2010 01 04 10:07:25, Add Domain: ce
2010 01 04 10:07:25, Num. of Threads: 40
2010 01 04 10:07:25, GroupMemebers cache

...

u2343 by Not applicable
  • 4195 Views
  • 3 replies
  • 0 Likes

Resolved! Clear SSL Certificate cache

Hi,

We have a PA-500 and I can view the SSL certificates with: "debug dataplane show ssl-cert-cn"

I was told that this is the list of SSL certificates that are stored in the cache.

However I'd like to know how to clear this cache

Thanks

Secondary interface addresses

I'm trying to add more of the public IP addresses issued by my ISP to the external port on my PA-500.  When I try to commit the config, I get this error:

  • routed: In virtual-router Incoming: address 12.x.x.x/27 on interface ethernet1/1 has overlapping
...

bwmillslg by Not applicable
  • 11762 Views
  • 4 replies
  • 0 Likes

Can I check if a connection was dropped by the firewall?

I frequently have people coming to me asking if I can check if a connection is dropped on the firewall.

Allow me to give you an example:

We have a trunk setup between a cisco callmanager and one from Alcatel. All traffic between the 2 systems flows thr

...

pieters by Not applicable
  • 4445 Views
  • 1 replies
  • 0 Likes

DHCP - Not setting Subnet, issues with PXE Boot

We are having an issue with our new Palo Alto 2050.

We are using the DHCP server on the 2050 in conjunction with a PXE to iSCSI system.

Using a different firewall/router with integrated DHCP server - the system works fine.

With the 2050 - it doesn't.

We

...

  • 23591 Posts
  • 103 Subscriptions
Top Solution Authors
Top Liked Authors
Labels