General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Logging and Change Management in Prisma Cloud

Summary: There is currently a size limit of 128kb in compute console history logs. It's likely to hit this limit and then only an error will display in the changes section: "diff size exceeded limit (128KB)". This makes the history log useless for auditing a specific endpoint, as experienced by multiple users. Are there ways to overcome th...

Strange behavior

Hi, facing issue where directed interfaces traffic is not working (from DMZ zone to Servers zone) , while from Inside ZONE to SERVERS is working fine despite inside users SVI is core switch then static route from core switch to paloalto while for users inside DMZ zone their gateway is FW itself (also DHCP ) and no routing is needed to reach SE...

mhmameen by L1 Bithead
  • 1300 Views
  • 1 replies
  • 0 Likes

Resolved! Virtual Router Best Practice - Guest Network

Hi, We don't have dual ISP but we do have STS VPN that connects our offices to our Cloud Infrastructure. At the moment all the interfaces share the same virtual router. So assuming the traffic from source to destination was allowed in a security policy then it will be able to route to the remote subnets via the STS VPN interface. We have ...

jbusby by L1 Bithead
  • 2729 Views
  • 1 replies
  • 0 Likes

WinRM-HTTP fails with the error 401

Hello, I'd like to request some advice on trying to shift away from WMI to WinRM-HTTP/S based User-ID. I followed the set-up guide by Palo and User-ID server monitoring is able to connect to the domain controller over WinRM-HTTP, but only every hour. If I set session monitoring to something less than 3600 seconds, each attempt by the user-id se...

Megrretz by L1 Bithead
  • 30740 Views
  • 9 replies
  • 0 Likes

Reliable metrics to conclude an asset's defended status in Cloud Discovery

The "defended" status, attached to each Cloud Discovery discovered asset, is not reflecting the asset's actual defended status. Across registry, serverless, hosts, etc, Prisma Cloud Discovery uses a loose definition to conclude the defended status of assets. For instance: Registry scans -> Looks at the registry settings, does it have a s...

user-id WinRM-HTTP connection refused

hiafter configuration of agentless user-id using Kerberos with WinRM-HTTP (was hard to get it working needed pa support for it)i encounter this issuei got 2 DC in my environment DCA and DCBWhen DCA is restarted i get Connection refused on both DCA and DCB in server monitoring i get error connection failed, HTTP code 100, Timeout was reached for ...

VM Setup on new laptop

Hell everyone, I'm facing issue regarding setup of VM on my new laptopn (Lenovo). Can anyone guide me how can setup it?

Tim9990 by L1 Bithead
  • 1250 Views
  • 1 replies
  • 0 Likes

TCP Retransmission & RST

We have a digital application on Android and IOS but when user is trying to access from IOS platform and access the application. During application browsing user is unable to access certain paths of application. And at that time we check on our Palo Alto we get continuous retransmissions on packet captures. And it is happening when accessing a...

muhammaduzair_0-1704136560202.png

Firewall unstable

Hi Everyone! I have this weird scenario always happening. One time my firewall suddenly cannot access go outbound the net using data interfaces and then I checked my config 5x but all are good. So I rebooted the firewall just to see if it was a bug. And it worked! So I left it running for a couple of days and then the same scenario happened a...

10.1.3 - PAN-OS Certificate Expiration on Dec 31 2023

Hello All, I checked my client's firewall, they are using 10.1.3 version. Scenario 1 : Data distribution, based on the Device -> Monitor -> Date Redistribution -> Agents page it is blank and not configured. Scenario 2 : The firewall is placed at the DMZ between the Control network and the Enterprise network, i checked Objects -> UR...

KJTeoh by L0 Member
  • 1847 Views
  • 1 replies
  • 0 Likes

Why am I seeing not seeing the dropped packets in my traffic feed?

The way my firewall is configured, the wireless traffic gets routed to the internal traffic through it. After connecting my laptop to the wireless on our network, I am unable to reach a software that was recently implemented for some reason. I was tracing down what could've been the issue for hours. I logged into the firewall and went straight t...

Traffic not in logs but in Packet Capture

I'm having issues with my garage door opener thru my PA 220 FW, v9.1.6, with the latest dynamic updates.It uses DNS and TCP 8883 to communicate to the MyQ servers. In Monitor>Logs>Traffic, I can see DNS traffic from the opener to 8.8.8.8 with return bytes, but no other traffic. In Session Browser, I see the 8883 traffic but hitting the Int...

  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels