General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! Global Protect for Linux

Is there support for the Global Protect client for Linux? It's not a download option when logging into the portal via https. If not, is there a way to connect using Java? Would NetConnect work?_

Resolved! Master Key issue with Panaroma managed firewall?

Ok so I may have made a mistake but I want to know the steps to recover and gain control back. I changed the mastr key on Panorama and then proceeded to deploy same master key to 2 test firewalls. Both failed, one is a standalone VM, another to be removed disconnected HA pair, one of them in the pair is already turned off. I then reverted conf...

raji_toor by L4 Transporter
  • 4014 Views
  • 2 replies
  • 0 Likes

Mute the Music while on Hold

While waiting on hold for support, is there a way to mute the hold music? The same 35-second loop for 30+ minutes is just too much. Especially when you had a time slot reserved for an engineer.

JMRLT by L0 Member
  • 4983 Views
  • 3 replies
  • 2 Likes

Apt-Get Traffic Allowed but Vendor Receiving Install Error

We are working with a vendor who is attempting to install apt-get files onto our test server 172.23.10.44. Traffic was not allowed yesterday, but now is today after I associated application of "apt-get" to application group. Now traffic is allowed, but the vendor is stating the following error still which they were getting before I made the chan...

Bullix36_0-1660749258389.png
Bullix36_1-1660749377889.png
Bullix36 by L0 Member
  • 3615 Views
  • 2 replies
  • 0 Likes

Authenticated NTP, what do you use?

Hello Community, While I already have googled and found some solutions, I would like to get input from you to see what you have used and works well. In a windows environment, what do you use to point your PAN's NTP configuration to an authenticated server? I know domain controllers use Kerberos with other windows systems, but not 3rd party devi...

Change in NetFlow behavior in PAN-OS 10

Hey guys, Here's another one of the issues I have run into after upgrading to PAN-OS 10. Application usage statistics received by NetFlow are now displayed in Petabps / Pbytes on my NetFlow servers!I have confirmed that my NetFlow server hasn't been touched since updating the firewall to PAN-OS 10.I have also set up a separate NetFlow server and...

warface by L1 Bithead
  • 3244 Views
  • 2 replies
  • 1 Likes

Resolved! GlobalProtect user in RDP login?

Anyone know why, after installing Globalprotect, I see an empty user account with the GlobalProtect icon as an option when trying to RDP to remote desktops? I've noticed it on every machine after installing GP... I'm hoping it is a config option that can be turned off somewhere but I'm not sure what it is for. On my home computers it is actuall...

GP-account.png
jsalmans by L4 Transporter
  • 5694 Views
  • 4 replies
  • 0 Likes

I really need to be able to open up support tickets

Message boards and communities are not going be sufficient for our day to day needs. It has become impossible to actually open a support case. I need detailed instruction on how to open a support case that connects me with a live person.

Sbrown88 by L0 Member
  • 1645 Views
  • 1 replies
  • 0 Likes

Moving rules and objects between VSYS (device groups) in Panorama

I am trying to move security rules from one VSYS (or rather device group) to another VSYS in Panorama. It fails when I try to use 'Move' in GUI because objects (addresses, services) are not moved yet. But when I try to move objects I can't because they are used in rules which are not moved yet.... typical Catch22;) So I am trying to use copy in ...

niuk by L3 Networker
  • 3397 Views
  • 2 replies
  • 0 Likes

Resolved! Firewall Reboot with Some Critical Comments

Hi everyone, Devices get restarted suddenly with critical comments. Firstly DP restarted and after that system restarted. I will share the critical comments that are from autoassistant. We faced with this issue 2 times. For the first one; TAC engineer said us this is a version bug and fixed on 10.1.6. Now device already on 10.1.6 but faced wit...

talhatemel_0-1660033907601.png

Resolved! Blocking DNS-over-https

Hi, I plan to create security policy rules to block dns-over-https and dns-over-tls. Is it also recommended to block dnscrypt? In regards to dns-over-https. If the browser attempts this and fails, does it fallback to using the client's configured dns servers?

ce1028 by L4 Transporter
  • 14930 Views
  • 6 replies
  • 0 Likes

Resolved! Disable ciphers

Hi guys, Would like to know how to disable the following ciphers: TLS_DHE_RSA_WITH_AES_256_CBC_SHATLS_DHE_RSA_WITH_AES_128_CBC_SHATLS_ECDHE_RSA_WITH_AES_256_CBC_SHATLS_ECDHE_RSA_WITH_AES_128_CBC_SHATLS_RSA_WITH_AES_256_CBC_SHATLS_RSA_WITH_AES_128_CBC_SHA Can i follow the following KB to disable:https://knowledgebase.paloaltonetworks.com/...

JingKai by L1 Bithead
  • 3532 Views
  • 2 replies
  • 0 Likes

UserID Monitored server (WinRM-HTTP) gets Kerberos error.

Hi,We tried this: https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/user-id/map-ip-addresses-to-users/configure-server-monitoring-using-winrmIt seems like config is OK but we are getting "kerberos error" in status ofr this server monitored. Where can we see whats happening about this error? useridd logs doesnt show anythimng.

BigPalo by L4 Transporter
  • 28788 Views
  • 6 replies
  • 0 Likes

Software End-of-Life policy vs end of support

How long will a software listed as end of life ( https://www.paloaltonetworks.com/services/support/end-of-life-announcements/end-of-life-summary ) be supported? I have read conflicting information on this. I suppose support could be defined as:1) Receive general tech support if a case is opened2) Receive software updates forissues I ask as 8.0 i...

  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels