General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Blocking bittorrent traffic

Hi,I have just found the time to start learning about our new firewall. As a test I have tried creating a policy for blocking bittorrent traffic, but it seems to have only limited effect. Transmission still happily downloads the torrent although I can see from the logs in the firewall that at least some of the traffic is being denied.Am I doing ...

MarioG by L1 Bithead
  • 9014 Views
  • 6 replies
  • 0 Likes

Uknown-tcp in application based policy logs !!

Hi,I'am using PAN-OS 3.0.9, and i have configured some policies in witch i allow some applications defined by application override. I noticed that in the logs associated to this policies, there are lines that are identified as "unknown-tcp" with action :"allow" and type "end", is this normal?Normaly the firewall should not allow this connexions ...

asia by L3 Networker
  • 5550 Views
  • 5 replies
  • 0 Likes

No version info in Virus install from panorama

Hello,When doing app/content installs it shows what version is installed on the end device, but when doing an anti-virus update it does not so you have to keep track of which ones were done. Is this a bug in the software or what do we need to do in order to fix this?Thanks,Doug

Using an explicit L3 interface for captive portal web form in PAN-OS 3.1.2

Hello,I noticed this in the PAN-OS 3.1.2 release notes :Captive Portal Session Enhancements – The captive portal web forms method of authenticatingand identifying a user’s IP address has been modified to include a session cookie. This sessioncookie is used to maintain the user to IP mapping as long as the users’ browser remainsrunning. In additi...

asia by L3 Networker
  • 4319 Views
  • 4 replies
  • 0 Likes

No logging from firewall to Panorama

We have panorama installed and 10 firewall devices, reviewing the logs today noticed that only getting logs from two of the devices even though I can install app/content and virus definitions to all of them so communication is working fine. Anybody have any ideas on why we are not getting any of the logs?Thanks,Doug

Authentication for educational site, before being controlled by PAN

What I'm after is a system that acts as a RADIUS server to authenticate both wired and wireless users over the network via EAP. The network will then authenticate the user and allow them access to specific VLANs, depending on the user and what machine they are logged on to. Some possible scenarios:Staff Member without admin rights:- If they ...

KatanaNZ by L3 Networker
  • 5061 Views
  • 4 replies
  • 0 Likes

SSL VPN Configuration - HELP!

Hi All,I have been strugeling to get set up the SSL VPN on v3.1.3I have managed to get the page to login appearI have managed to be able to loginI have been able to dowload and get the client connectbut for some odd reason it will not communicate to the network !!! :smileyconfused:I have followed the article on the VPN connection on this site, I...

SSL-VPN with Ldap

I´m trying to configure ssl-vpn to authenticate users in ldap server or locally with imported users from Ldap via PAN. The only way that I’ve successful login´s is when I create a local user in Palo Alto firewall. I´ve got connection to Ldap servers, and in system log it appears User 'xpto\administrator' failed authentication. Reason: User is no...

Resolved! Captive Portal Logout URL

When using captive portal in vwire transparent mode, the PAN device presents a custom URL for the logon page. Is there an associated URL that can be referenced to log a CP user off? This would of course only be for the source IP address of the requestor. Just curious really as a particular scenario I am testing requires a significant inactivi...

Resolved! Sawmill with PAN URL logs

Hello,has anyone integrated PAN URL logs successfully with Sawmill for detailed reporting?Would need some help on that given that we need to get browse time per user.thanks

vinesh by L2 Linker
  • 4250 Views
  • 2 replies
  • 0 Likes

license-expired

Our PA2020 has started to categorize all visited URLs as <license-expired>. Nevertheless, our URL Filter License is not expired. I configured the PA2020 to block all URLs when license is expired ... and now that´s what our PA2020 actually does: all URLs are blocked. That means that the URL Filtering License is expired ... but it is not ......

PAN OS 3.0.8 to 3.1.1 upgrade and backup file question.

Hi All,I have question regarding PAN OS. Existing i am using PAN OS 3.0.8 and PAN Agent 3.0.2..I want to upgrade to PAN OS 3.1.1 version and the model is PA-500.1. Can i use back my existing configuration from 3.0.8 firmware to load on the new firmware 3.1.3?2. Can i backup configuration on PAN Agent 3.0.2 and load it to PAN Agent 3.1.2?3. What...

jeffhooi by Not applicable
  • 3327 Views
  • 3 replies
  • 0 Likes
  • 24396 Posts
  • 123 Subscriptions
Top Solution Authors
Labels