This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

AD user mis-identification issue in PAN

I have recently deployed PAN in my organisation which has 2 domains.I have installed 2 PAN agents -- 1 for each domain and added respective DC's to their respective PAN Agent. URL filtering is done on the basis of User ID from AD. So when a user logs in with his User ID, policy assigned to his User ID gets implemented.Everything is working fine ...

u6402 by Not applicable
  • 3951 Views
  • 4 replies
  • 0 Likes

PAN Agent Over WAN issues.

Hi PA Champions,I have had issues with high b/w utilization from PA-FW to PAN Agent over WAN links.As such best alternate was to install a PAN Agent in remote WAN Site DC's, along with the PAN Agentthat is already installed at the Head office.But once I had done with installation with the PAN Agent in the WAN site, I have had issueswith PA-FW tr...

ta185020 by Not applicable
  • 2135 Views
  • 1 replies
  • 0 Likes

Resolved! Custom Reports v4.0.1 (be1demo)

When creating a custom report and using the query builder there seems to be a problem with adding multiple values in the builder (unless I am just doing this wrong)I am trying to create a report to show from the traffic summary log all peer-to-peer technology traffic of a risk catagory of 4 or 5.This is the statement I am using:technology-of-app...

Anti-Malware Effectiveness?

Hopefully the title will generate some interest and feedback! To keep this brief, im happy with the effectiveness of the P.A IPS, NSS labs test results proved this and well done PA, it appears to be world class. The effectiveness of the P.A antivirus / spyware engine is however another kettle of fish. Here i struggle to see the malware protectio...

Terminal Service Agent Support

Hi,I am looking for the list of supported terminal services for the user agent.I have the following servers:a. 2000 Servers running Terminal Services b. 2000 Servers running Presentation Server 4.5 c. 2008 Servers running XenApp6I know that the Windows terminal services is fine, but what about the Citrix ones?Are these supported and if not, what...

Protocol Migration from Checkpoint

Hello,We have some protocols defined on Checkpoint, and we are not able to traduce to PAN 4.0.FTP_mapped is defined as Protocol 6, match SRV_REDIRECT (21,0.0.0.0,21), set r_mhandlerHTTP_mapped is defined as Protocol 6, match SRV_REDIRECT (80,0.0.0.0,80)backweb is defined as Protocol 17, match Backweb_matchCould somebody help me?Thanks.

jvmartin by Not applicable
  • 2968 Views
  • 1 replies
  • 0 Likes

Routing Issues with Layer 3 Deployment

Hello all,I'm having issues with internet access on different subnets. I have attached a diagram on my network. The Server VLAN has Internet access but the rest somehow are not managing, I'm seeing the traffic in the logs but nothing seems to be working.I have tried various settings but somehow I'm missing it. Does anyone have any thoughts?

devere by L2 Linker
  • 14672 Views
  • 7 replies
  • 0 Likes

APP-ID for IPSec over UDP

Hello Community,the standard IPSec APP-ID did not handle complete IPSec-NAT-Traversal (UDP 4500) ...I've noticed that reestablishement of NAT-T is not detected successfully.This causes problems with temporary droped IPSec-Sessions.Any idea ?Regards,Christian

cmock by L1 Bithead
  • 2565 Views
  • 1 replies
  • 0 Likes

[botnet] some url filter out.

Hello all.on the firmware 4.0.1, we have botnet monitoring function here,but on the report, I can see some of normal url(false positive) that trigger the botnet module.like .."211.234.239.48/upload/notice/polling40_v.ipml"can you please tell me how I can filter out(exempt it) this URLs?other than 'count' value for the event?thank you very much.

bhlee by Not applicable
  • 3265 Views
  • 1 replies
  • 0 Likes

How to Manage External Users via UIA/PAN

If the organization has Users who are contractors/sub-contractors (deskless workers); how can you manage these Users via the PAN if they are not members of the Domain?Would AD deskless worker objects need to be created AD-side for them to be prompted by Captive Portal, or is there a workaround to this practice?Thanks,Rob

Pan OS 4.0.1 and searching

I've noticed that after updating to 4.0.1 when searching for user Traffic everyone keeps showing up. I am clicking the apply filter. Its also happening on the Threat, URL and Data Filtering.Is anyone else seeing this problem?We already have a support ticket open for the Dynamic updates "Application and Threats" issues.

HTTP Brute Force Attempt

I was contacted by a major government entity about an HTTP Brute Force attack/attempt coming from my institution. Their IDS triggered on a researcher in my organization attempting to login to one of their training websites. The user forgot their password. I only found out due to this user being only one in the PAN going to this website, howev...

rule shadows

I'm trying to clean up our rules, specifically the shadows. I've run in to one rule that is shadowing 6 others:- Rule 'rule208' shadows rule 'rule211'- Rule 'rule208' shadows rule 'rule212'- Rule 'rule208' shadows rule 'rule292'- Rule 'rule208' shadows rule 'rule296'- Rule 'rule208' shadows rule 'rule297'- Rule 'rule208' shadows rule 'rule293'R...

bhelman by L2 Linker
  • 2797 Views
  • 1 replies
  • 0 Likes
  • 24379 Posts
  • 123 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks