General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! TCP Split Handshake spoof

Hi, i would appreciate if someone from the PA team could address the following question.In the recent NSS Labs Firewall Comparative Group Test Report Q1 2011. Of the 6 products review and tested, 5 were suseptible to the above type attack. For details ( http://www.securityweek.com/testing-lab-exposes-major-flaws-industry-leading-firewalls )Q: Ca...

User-ID Agent 3.0.x on Windows Server 2008?

I've heard that the User-ID Agent 3.0.2 should be supported on Windows Server 2008 and 2008-R2, but my attempts have failed on both platforms. In both cases, I am using a domain-admin account to install the .MSI package but getting an error at then end when it tries to install the service. All files appear to have installed correctly.When I drop...

u2849 by Not applicable
  • 7113 Views
  • 6 replies
  • 0 Likes

Not blocking Eicar in 3.1.8

Since 3.1.8 the PAN do not identificates the Eicar "virus" in all cases. The loading from https://secure.eicar.org/eicarcom2.zip will be possible, but the same file with http://www.eicar.org/download/eicarcom2.zip will be blocked reliably.

mhuels by L3 Networker
  • 3289 Views
  • 3 replies
  • 0 Likes

Cloning traffic to simulate attacks/vulnerabilities

Hi,Has anyone ever tried to clone malicious traffic sent through the palo-alto firewall to try to re-simulate attacks or exploit vulnerabilities?If you have, can you share your experience in how you did it?Just trying to research on some ideas of how to seek exploit possibile vulnerabilities based on traffic that I might think is malicious.If yo...

ikinnexi by Not applicable
  • 5659 Views
  • 6 replies
  • 0 Likes

SSL VPN on Mac OS X running in 64-bit mode?

Hi,Some of our clients are running OS X in 64-bit mode and when they launch the client they get a pop-up telling that its not supported on a 64-bit kernel.Is this expected behaviour? Will there be a version that supports 64-bit kernel?Thanks!

Resolved! URL logs

Is it possible to see url logs without url filtering license? I'm not talking about profiles and blocking some categories, just to see what urls users visited.Regards!

mkopcic by L2 Linker
  • 2785 Views
  • 1 replies
  • 0 Likes

URL Filtering allow

Hi,I would like to know if it's possible to have the allow-list URL in the log.As we have to do monitoring not only on blocked URL but also in allowed.Brgds, Lionel

Anyplace remote control to be stopped

Hi,A remote control online solution called Anyplace Control(anyplace-control.com), and this needs to be stopped.Palo Alto shows this as "unknown-tcp", and as such it may be disastrous to stop all unknown-tcp.I need this to be blocked as an application block, but do not know how toproceed. Please advise.Rgds,Tauseef

ta185020 by Not applicable
  • 2581 Views
  • 2 replies
  • 0 Likes

Custom Report Oddity in PanOS 4.0.1

I have the following report configured and it is checked "scheduled" in PanoramaSoft Block Report { type { panorama-url { group-by day-of-receive_time; aggregate-by [ risk-of-app action category srcuser src misc ]; values [ repeatcnt ]; } } period last-7-calendar-days; topn 500; topm 10; frequency daily; query (action...

rroberts by Not applicable
  • 2281 Views
  • 1 replies
  • 0 Likes

Cisco CAPWAP

We recently brought in some new Cisco WLC's and AP's and noticed that they use LWAPP. Originally my PAN saw this traffic as an app called Xunlei...which was being blocked. After finding and creating a special category for this custom app...it started working. Then, PAN came up with this app id....so now it's identifying all 3. Has anyone els...

Panorama Management of CLI/SSH Admins

Panorama allows central management of Web UI users, but what about SSH/CLI users? Is there any way use Panorama as a CLI proxy to access managed devices in a similar manner? It seems to me that the only way to manage CLI users is via a local account on each device, which could be quite cumbersome. It may also force folks into following not-s...

mgentile by L2 Linker
  • 2308 Views
  • 1 replies
  • 0 Likes

PAN agent over WAN issue

Hi,Just had another issue to discuss about WAN Pan Agent, if you do have time, please go through.Local LAN PAN agent is configured for 10.0.0.0/8 networkWAN PAN agent is configured for site 1 network 10.12.111.x/24But I have users from Site to with network 10.13.111.x/24 as well logging on to the same DC of site 1.I think its some AD issue, thou...

ta185020 by Not applicable
  • 2223 Views
  • 1 replies
  • 0 Likes
  • 24395 Posts
  • 123 Subscriptions
Top Solution Authors
Labels