General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 315 Views
  • 0 replies
  • 0 Likes

Resolved! Firewall Reboot with Some Critical Comments

Hi everyone,

 

Devices get restarted suddenly with critical comments. Firstly DP restarted and after that system restarted. I will share the critical comments that are from autoassistant. We faced with this issue 2 times. For the first one; TAC engin

...

talhatemel_0-1660033907601.png

Resolved! Blocking DNS-over-https

Hi,

 

I plan to create security policy rules to block dns-over-https and dns-over-tls.   Is it also recommended to block dnscrypt?  

 

In regards to dns-over-https.  If the browser attempts this and fails, does it fallback to using the client's configure

...

ce1028 by L4 Transporter
  • 12143 Views
  • 6 replies
  • 0 Likes

Resolved! Disable ciphers

Hi guys,

 

Would like to know how to disable the following ciphers:

 

TLS_DHE_RSA_WITH_AES_256_CBC_SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_AES_128

...

JingKai by L1 Bithead
  • 2422 Views
  • 2 replies
  • 0 Likes

What is the range for sequence number in userID logs ?

What is the seqno field in userID logs(below link) ? What is the range for that? Will it rollover when it reaches the maximum ?

 

https://docs.paloaltonetworks.com/pan-os/10-0/pan-os-admin/monitoring/use-syslog-for-monitoring/sysl...

 

User-ID 

saswins by L1 Bithead
  • 1476 Views
  • 0 replies
  • 0 Likes

UserID Monitored server (WinRM-HTTP) gets Kerberos error.

Hi,

We tried this: https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/user-id/map-ip-addresses-to-users/configure-server-monitoring-using-winrm

It seems like config is OK but we are getting "kerberos error" in status ofr this server monitored. W

...

BigPalo by L4 Transporter
  • 20978 Views
  • 6 replies
  • 0 Likes

PCNSE certification

Spoiler
Spoiler

Hi All,

I am looking to certify myself with PCNSE certification. Is there any active promo/vouchers for discounts available?

 

Pls suggest.

Hi All, I am looking to certify myself with PCNSE certification. Is there any active promo/
...

Software End-of-Life policy vs end of support

How long will a software listed as end of life ( https://www.paloaltonetworks.com/services/support/end-of-life-announcements/end-of-life-summary ) be supported? I have read conflicting information on this.

 

I suppose support could be defined as:
1) Rec

...

Reading counter flow errors

Hi All,

 

Apologies as I am still new and trying to learn Palo Alto. I encountered an issue wherein a new switch is causing a large number of packet drop parse. I found it on the IP below. How do you interpret the logs generated? 

 

 

The 10.5.4.10

...

mudvayne15_0-1660691821831.png
mudvayne15_1-1660691830234.png

Unable to categorize my companies URL

Hi,

 

I am unable to categorize my companies URL on behalf of one of our customers, that uses a Paloalto firewall.

 

My colleague received the following message when attempting to perform this action:

 

 

"In the meantime, Palo Alto Networks URL Filt

...

Resolved! QoS Configuration Subnet /32

I have followed below link to configure a QoS setting for testing purpose. 

Configure QoS (paloaltonetworks.com)

 

I have specify only 1 ip 192.168.1.x /32 in QoS profile and also tried to specify in the interface clear text traffic. 

In the result t

...

JiaXiang by L4 Transporter
  • 2440 Views
  • 3 replies
  • 0 Likes

Resolved! Upload and Download QoS

May I ask how to configure upload and download QoS?

I have tested whether I perform upload or download, the QoS always hit LAN->WAN policy. The result is different from what this article said.

https://live.paloaltonetworks.com/t5/general-topics/qos-b

...

Resolved! HELP - my Website is being blocked by GlobalProtect

We have produced a new website for a customer https://vertexgis.uk/ , but their key target audiences in the  UK  all use GlobalProtect and their website is being blocked as it is seen as a new site although it is now about 3 months old.
Please can an
...

  • 23823 Posts
  • 112 Subscriptions
Top Liked Authors
Labels