General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Does Netconnect work with Windows 7 Service Pack 1?

Netconnect version 1.2.0-402 connecting to PANOS 4.0.1 running on Windows 7 SP1 (32bit) have been successfully tested using both IPSec and SSL protocols. We received some reports from clients using other VPN technologies that SP1 broke their client VPN connections.

jdgregg by Not applicable
  • 5342 Views
  • 2 replies
  • 0 Likes

URL Filtering Bug filter bypassed

HI,I am having issues with the URL filters for example if i have a blocked porn site www.xxx.com and i enter www.xxx.com.(dot) it bypasses the filter and is allowed through. I am running version 3.1.6

Setting up Orion NPM to monitor PA-2050 via SNMP

Hi,I'm new to setting up SNMP and need help.Our Network Engineers need to setup their Orion NPM to monitor our 3 Palo Alto 2050's via SNMP.They basically only need to monitor CPU, Memory, and Link States of the 3 interfaces hooked up for each of the 3 Palo Alto 2050's we have setup.Can someone walk me through this as far as how to setup communit...

ikinnexi by Not applicable
  • 4791 Views
  • 2 replies
  • 0 Likes

Resolved! Panorama 3.1 to 4.0 migration

Hi,I would like to know if Panorama 4.0 is able to manage PanOS 3.1.x firewall. If yes is there any restrictions or known caveats ?In fact, we are planning to purchase Firewall 5050 which support only PANOS 4.0, and beside this we have some others 40xx series,that we can't migrate to 4.0 fast enough. So if panorama is able to manage 3.1 and 4.0 ...

bdaussin by L0 Member
  • 3549 Views
  • 4 replies
  • 0 Likes

No IPSec-Tunnels after Upgrade from 3.1.7 to 4.01

Hello,we run 8 PA-500s in 8 Branches. After upgrading them from 3.1.7 to 4.0.1 not all IPSec-Tunnels become active.The Tunnels to the branches with the WAN-Interface connected to SDSL with PPPoE (automatic IP/Netmask/Gateway) stayed inactive, even after more than 12h.The WAN-Interface itself was online, pings to a external addresses were answere...

Multiple NAT or UTurn NAT rules

We are hoping that someone can suggest a simpler way to resolve the issue of allowing internal hosts (in the Trust zone) to access servers sitting on the Trust zone via their external IP address (what PAN calls a UTurn or Hairpin rule). We have nearly 70 Static IP NAT rules, most of which are bidirectional, and are not looking forward to defini...

synapse by L0 Member
  • 4024 Views
  • 2 replies
  • 0 Likes

Resolved! Opening file download for specific URLs

I have recently deployed PAN 2050 in my organization. We are enabled file blocking for selected file types e.g. (EXE, BAT, CAB, ZIP, ISO, RAR etc.) in both the direction. But as per management decision I have to allow download access from Microsoft URL’s. As you are aware Microsoft is having hundreds of IP’s so I can’t achieve this using IP addr...

u6402 by Not applicable
  • 2780 Views
  • 1 replies
  • 0 Likes

DOCX, XLSX, PPTX, ASPX files to be allowed when zip is blocked

I have recently deployed PAN 2050 in my organization. We are enabled file blocking for selected file types e.g. (EXE, BAT, CAB, ZIP, ISO, RAR etc.) in both the direction. Currently we are facing some issues with DOCX, XLSX, PPTX, ASPX file types. Even though this file types are allowed PAN is detecting these files as ZIP files and it is getting ...

u6402 by Not applicable
  • 4916 Views
  • 1 replies
  • 0 Likes

PAN-2020 is taking 45 Minutes to 1 Hour for committing the changes

I have recently deployed PAN 2020 in my organization. Initially it was working fine without any major issues. But recently it started behave strangely. PAN is taking 45 Minutes to 1 Hour for committing the changes. Sometimes it may even get timeout as well. Restarting PAN device is resolving issue temporarily. Did anyone face this issue before? ...

u6402 by Not applicable
  • 2632 Views
  • 2 replies
  • 0 Likes

Resolved! PANOS 4.0.1 - Color Scheme Hard to Read

Does anyone else find that the color scheming of PANOS 4.0.1 extremely hard to read?Since upgrading recently I've had multiple complaints specifically with reading of the 'greyed-out' areas such as disabled rules, the soft contrasting and color choices are terrible to read.Is there any way to change this to something with more contrast?

micit by L1 Bithead
  • 2711 Views
  • 1 replies
  • 0 Likes

Packet Capture problem w/ PA-5020 running 4.0.0

So, using debug dataplane packet-diag I am unable to get filters to work propperly and quite often don't see data that I actually Should. I didn't know if this was a bug with the 4.0.0 code or not but it makes it awful hard to defend the firewall when I can't produce reliable output from either logs or packet captures. The settings I have are ...

Virus only email alerts?

I see where it is possible to send alerts for threat preventation at the different severity levels, but is it possible to only send alerts for a specific type? Specifically i'd only like to receive emails for Virus alerts.

chrisp by L3 Networker
  • 3146 Views
  • 2 replies
  • 0 Likes

Rules applying to wrong users

IOS : 4.0.1User ID Agent Version: 3.1.2We have RULE1 set for USERS - A, B, and C. They have an AV, Anti-Spyware, and Vulnerability protection. RULE2 is for ANY other users on the network, which has its own AV, Spyware, Vulnerability profiles as well as a URL Filter.Users associated with RULE1 will randomly be applied to a URL filter, when they...

Resolved! SSL VPN Vlient 1.2.0 - invalid PaloAlto Cert

Hi PaloAlto,please update the SSL VPN Client 1.2.0: the "Java Object Signing certificate", which seems to be compiled into the client,is no longer valid. Atached are two screenshots.Best RegardsUpdate: Fixed in 1.3.0

Downloading updates through a diffrent interface

Hi,Is there a possibilty to download the AV signatures / Dynamic updates through one of the non-managment interfaces?I have one interface connected to my LAN, the other one is external - in a L3 deployment.I do not want to connect the managment interface at all, but use the existing ones.Thanks, Roy.

support6 by Not applicable
  • 3391 Views
  • 2 replies
  • 0 Likes
  • 24403 Posts
  • 123 Subscriptions
Top Solution Authors
Labels