General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

OCS or Lync support

Hi all,did anyone have any experience or customer with PAN and OCS or new MS Lync 2010?Does PAN have signature to recognize Lync traffic?I already know that ms-ocs-video, audio, xfer are identified, but what abount Lync?Thanks in advance

Resolved! userid-agent vs pan-agent - what's the difference?

Hi.In trying to diagnose a recent issue with identifying users on my SSL VPN, I deleted the user identification configuration and re-adde it.I noticed that there are now two types in a drop down box when adding a userid agent - userid-agent and pan-agent.Can anyone tell me what the difference is? And which one should I be using to talk to the AD...

dagibbs by L4 Transporter
  • 4137 Views
  • 2 replies
  • 0 Likes

SSL VPN Login history

Is there any way to increase the retention of successfull logins to SSL? I would like to retain at least 2 months if possible.Thanks,D

Understanding Zone Protection

Hello all,I recently configured Zone Protection for the external interface (untrust) on a PAN-2020 3.1.6 in a vwire setup. Initially we have configured ZoneProtection to "Alert" only.We have set the triggers for "Activate" and "Maximum" to a figure which we will never reach (screenshot ZP-1.jpg) and bound this ZoneProtection Profile to the untr...

gafrol by L4 Transporter
  • 19080 Views
  • 6 replies
  • 1 Likes

Unable to Ping to Layer 3 interface

Hi , I have a Palo Alto 4020 . I have configured one of the interfaces as Layer 3 and also allowed Ping and telent on this interface . The IP given to this Layer 3 interface is 192.168.90.17 and its default gateway is the VLAN interface 192.168.90.1. Even when I connect a Laptop directly to the interface by giving the Laptop an IP of 192.168.90....

TFAUH by L0 Member
  • 10550 Views
  • 8 replies
  • 0 Likes

Application number discrepancy

I noticed a discrepancy in the number of Applications shown under Objects -> Applications. At the top of the page it shows 1163 matching applications but, at the bottom right of the page it shows Displaying 1 - 40 of 1204. Could you please confirm which number is correct the 1163 or 1204?Thank you...

jwolach by L4 Transporter
  • 2324 Views
  • 1 replies
  • 0 Likes

Ident Agent error

Hi.I've noticed the following error in my PA logs this morning12/07 09:30:54 general informational general Pan-Agent read log error: 10.1.30.142 716 time(s) However, I've checked the DC the agent is running on and it doesn't appear to have any errors - it's enumerating users to IP addresses fine and the agent itself reports "No Errors" in the s...

dagibbs by L4 Transporter
  • 2821 Views
  • 1 replies
  • 0 Likes

Windows Remote Desktop Application Slow When Access Through PAN Firewall

Hi Guys,I am experience some issue with the PA-500. I am having some slowness issue when users connect from remote site to HQ local server via remote desktop ( ms-rdp ) application and sometimes unable to connect or disconnected.Policy rules are : WAN - LAN Source any Destination 10.0.0.10 and 10.0.0.11 (server ip) any any profiles: noneThat ...

jeffhooi by Not applicable
  • 6988 Views
  • 2 replies
  • 0 Likes

regarding url

recently it was found that recently that sudden url sites are not being filitered , like www.vtunnel.com is being blocked under the Proxy Avoid and Anonymizers but https:vtunnel.bz , org etc are not blocked . how to block them .

jerry by L1 Bithead
  • 2716 Views
  • 1 replies
  • 0 Likes

Resolved! SSL VPN and mixed authentication

Hi.I've got an SSL VPN setup and working fine on my PA firewalls, using LDAP plugged into my AD for authentication.I want to be able to authenticate LOCAL firewall users against this VPN configuration as well as LDAP useds.Is this possible? I tried just adding the local users into the "allow" list but they wouldn't authenticate - kept giving an ...

dagibbs by L4 Transporter
  • 3619 Views
  • 2 replies
  • 0 Likes

PA-2050 connected to Cisco 4000-series switch

Hello,We had a problem when we connected PA-2050 appliance (PanOS 3.x) to Cisco 4000-series switch. There was simply about 30% packet loss in traffic and it wasn't usable. Then we just put some dummy switch between PA and Cisco and everything works fine.Now we discovered the problem disappeared when we replaced Cisco switch module hardware revis...

ahtiakel by L1 Bithead
  • 5035 Views
  • 4 replies
  • 0 Likes

strange arp behaiviour

I configured PA to use my outside interface (192.168.128.61) for update checking (not management interface), after it I noticed strange arp behaiviour from PA:00:14:40.540937 arp who-has 67.192.236.252 tell 192.168.128.61PA tries to locate update server by making arp request to it, like it has no default gw configured. Default gw is configured o...

SimasK by Not applicable
  • 3277 Views
  • 1 replies
  • 0 Likes

2008 DC´s are not shown in PAN User Agent

Hi,to add DC´s in the Palo UA I can push the "Search Button" with the "..." Box.But the result is that only 2003 DC´s are shown. The 2008 DC´s are missing here.Agnet Versiomn is 3.1.2. Someone has an idea why this happens?Thanks in advance.Stefan

User activity reports on Panorama

We've just got a new Panorama and Palo Alto implementation done.Reviewing the reporting options I noticed that a "User Activity Report" can not be requested from the Panorama server.It can be requested from the devices themselves.My issue with running the report from the devices is that we have an active/Passive setup, so I need to run the repor...

  • 24396 Posts
  • 123 Subscriptions
Top Solution Authors
Labels