General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Panorama 4.0.1 commit error

I have a PA-2020 managed through Panorama, both running 4.0.1. When I change a setting in Panorama for example a security policy change in the local device context only !If I commit the change I get this error message right after clicking on commitAlthough the commit is still being processed in the job queueAfter a moment I can see the commit ha...

gafrol by L4 Transporter
  • 4512 Views
  • 3 replies
  • 0 Likes

Resolved! User in different AD groups

Hi,we want to enforce a policy with user groups from AD. USER ID actually works fine.The following scenario: A single User (e.g. Harry) belongs to different AD groups (e.g. group1 & group2). The policy works with different URL Filtering profiles.Policy 1 will have Source "group1" and Policy 2 will have Source "group2" as Objects.Policy 1 is ...

Haecker by L0 Member
  • 2664 Views
  • 1 replies
  • 0 Likes

Resolved! New Deployment - No Threat Data

I just put my new 4020 in-line yesterday. I see traffic. I see App Categories. I see nothing under threat monitor even though the feature is licensed and activated. I had a test box a few weeks back that was in span-mode (tap-mode) and Threat Data showed up immediately.My current policy is very simple. I am allowing all out and allowing all in. ...

jickfoo by Not applicable
  • 2899 Views
  • 2 replies
  • 0 Likes

Routing issue

Hi guys,I have an issue I faced before with OpenBSD's PF Firewall but I am not able to solve with PAN.My topology is:INET ----- PAN ---- DMZ ---- Balancer ---- Balanced Servers | LANThe domain controllers for the DMZ domain are located in DMZ and their default gateway is PAN. The route to reach the balanced servers n...

ajripa by Not applicable
  • 5377 Views
  • 3 replies
  • 0 Likes

URL Filtering Categories

Hello,After some days using a PAN Firewall, I've notice that some URL are incorrectly classified. Is there any way to modify the standar URL categories?Thanks,

ajripa by Not applicable
  • 5924 Views
  • 4 replies
  • 0 Likes

Multiple Virtual Routers sharing the same INSIDE zone? Possible?

Hi.I have my PA's running fine and dandy with my normal internet link(s) and DMZ farmed out to my edge routers without issue.Now I have coming a requirement for a dedicated, seperate Internet link and DMZ for a special purpose with the traffic being completely isolated from my "main' links.I want to assign two new interfaces - one for the extra ...

dagibbs by L4 Transporter
  • 8694 Views
  • 3 replies
  • 0 Likes

3.1.8, when?

Hi,we opened a Case and the support answered that it will be fixed in 3.1.8 release.I was wondering, when will it be released?Any idea?Thanks

multiple SSL-VPN profiles

I have to manage some different SSL-VPN profiles. I would offer to remote user the possibility to choose a VPN profile and then access the enterprise network with different policies. Is it possible ? How can I distinguish between one profile from another ? I suppose I need some IP public addresses to create different SSL portal with different IP...

lauro7 by L0 Member
  • 4211 Views
  • 2 replies
  • 0 Likes

Invalid address value NaN shown in 3.1.7

Since updating to PAN 3.1.7 the committing dialogue showsdevice: Invalid address value 'NaN'Nevertheless the rule installs successfull.Does anybody have the same strange message?

mhuels by L3 Networker
  • 4092 Views
  • 4 replies
  • 0 Likes

Auto-block admin "hammer" attempts?

I've been seeing stuff in the system log like the following:User 'caitlen' failed authentication. Reason: Authentication profile not found for the user From: [some hacker in China's IP]. There are a huge string of these, obviously it's reading through a dictionary and trying a bunch of accounts.Is there any way to get the PAN to ignore the IP fo...

bradenmcg by L3 Networker
  • 2481 Views
  • 1 replies
  • 0 Likes

Add second Internet coonection

Does anyone have any notes or tips on adding a second Internet connections? Also need to point specific group of uses to new connection, do I create a second Untrust zone, different name then first Untrust zone and change the security rule for those source users to point to new untrust zone? Thanks

Resolved! Recommended software releases?

Hi All,I looked around, and I was wondering if Palo Alto has a similar "recommended software" as other vendors do where depending on the hardware there is a specific version of software, or is everyone just updating their firewalls as the new PanOS versions are released?Thanks.

dmarion by L1 Bithead
  • 4641 Views
  • 3 replies
  • 0 Likes

PanOS 4.0

Its disappeared off of the site along with the version 4 terminal services agent. Anyone know why? I've been waiting for the 2008 64 bit agent for a while.

SMF by L1 Bithead
  • 2942 Views
  • 2 replies
  • 0 Likes
  • 24402 Posts
  • 123 Subscriptions
Top Solution Authors
Labels