General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Suggestions for Splunk Search/Report

I have several Splunk searches that I use as indicator lists.  Has someone already built a miner/prototype to retrieve these?

 

The generic API examples don't seem sufficient for Splunk's two-step routine (search then retrieve results).

 

https://doc

...

Cannot create custom region

Running 10.1.6-h3 and in Panorama I go to objects, regions and click add but it won't let me add an IP Address.  We only allow US traffic using a deny policy for anything other than the US and I have a need to add a single IP address in another count

...

10.1.6 HA running Config not synchronized - PA 850

Hi All,

I have two standalone FWs in HA. There running config was working fine but for sometime it's not synchronized and I can see below on the dash board. Need your expert suggestion to resolve this.

- disk space is below 80 % on both FWs

- ran >r

...

paragkarki143_1-1657261178378.png
paragkarki143_0-1657261867123.png
Pras by L4 Transporter
  • 3222 Views
  • 4 replies
  • 0 Likes

Resolved! "Decrypted" column in exported CSV of Traffic log?

When viewing the Traffic Log in the GUI, there is a column for "Decrypted" (yes/no).

However when I export the Traffic Log to a CSV, I don't see a column with the same or a similar name.

 

How would I identify which connections were decrypted by look

...

Resolved! Sort columns in Monitor tab?

I feel like an idiot, but how do I sort the columns in my monitor tab? The used to be sorted by generate time, but that doesn't seem to be the case anymore.

mcocat by Not applicable
  • 7625 Views
  • 5 replies
  • 0 Likes

Inter Vsys Routing

Can someone give me some advice please. In the attached diagram is a scenario I have where I need to get traffic logs from Virtual Firewall B across to Virtual Firewall A an up to the SIEM at the x.x.x.x address. I have made the virtual systems visib

...

Global Protect certificate auth user/device information

Currently we have a GP vpn setup for our mobile devices.  We have are doing certificate based authentication, certificate is pushed out through an MDM.  Basically if your device has this cert, your device connects.  Is there a way to capture or pass

...

Doubt with Subordinate-CA Cert in PA firewall

Doubt with Subordinate-CA Cert in PA firewall

 

Good evening, for issues related to for example decrypt as we need a certificate type CA, we can generate a certificate Subordinate-Ca from for example our CA server enterprise windows, import in our Pa

...

Metgatz by L4 Transporter
  • 2396 Views
  • 1 replies
  • 0 Likes

twistlock.sh onebox failure

The following warnings are reported when executing "twistlock.sh -s onebox"

WARNING: You're not using the default seccomp profile
WARNING: IPv4 forwarding is disabled
WARNING: bridge-nf-call-iptables is disabled
WARNING: bridge-nf-call-ip6tables is disa

...

IP Geolocation with Anycast IP addresses

Hi there,

 

I am wondering how geolocation is working with IP addresses where anycast is used.

Anycast addresses are shared by multiple server, typically with different locations.

 

How is such an address assigned to a particular country/region in th

...

Sylvia2 by L1 Bithead
  • 2299 Views
  • 2 replies
  • 0 Likes

Proxy IDs, NAT and IPSec VPNs

Hello,

 

When using IPSec Tunnels with Proxy IDs with NAT to hide source traffic, should the Proxy IDs be set to  the Hide NAT IPs and destinations or the original source and destinations?

 

Thanks & regards

  • 23725 Posts
  • 104 Subscriptions
Top Liked Authors
Labels