General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Hey there

Hey there, Today I joined the community to enhance my Palo Alto and Security Leanings.. Thanks guys in advance. Hoping for great learnings and knowledge sharing!!

Query on Syslog filter builder

Hi Folks, We had configured to forward the system logs for severity of informational, medium, high and critical using filter builder. But we are receiving logs only for informational on our QRadar Syslog. What is the supported format for System log forwarding in PA firewall, we can select only one severity type for each entry or multiple severit...

tamilvanan_0-1646669140328.png

Global Protect MTU setting overwritten

Trying to set MTU for my GlobalProtect client.I've found some information about this in Palo Alto docs.I could not set it with netsh, I think it is because of GPO.But I could set it with the PowerShell command: SET-NetIPInterface -InterfaceIndex 3 -NlMtuBytes 1300When looking in the registry I see now MTU 1300 on the interface to which is assign...

ChrisCon by L2 Linker
  • 5025 Views
  • 2 replies
  • 0 Likes

User-ID limitations for distribution

Hi folks ! Would like your advice on a specific issue about user-id limitations : One of our customer is using one central firewall to redistribute user-id mapping to more than 100 devices, and has issues about user-id process crashing on the central fw.As far as i understood limitations on user-id redistribution, there is a limit of 100 redistr...

HA to standalone best practise

Hello, Good day, I have found many articles related to configuring standalone to HA. However, I don't find related articles for HA to standalone. Is there any good reference guide for changing role from HA (active-active or active-passive) to standalone (including best practise) or pre-caution and steps that we need to take note with and without...

File blocking allow MS 365 Office installs and Windows updates

Hey,If at all possible, please could I ask for some input on the best way I try allow M365 office installs (from their CDN) and Windows updates to our endpoints even though we are not using SSL decryption at the moment? We currently have a policy rule to allow outbound web traffic, matching:any destservice http/https.security profile applied to ...

RaoulG by L0 Member
  • 15421 Views
  • 3 replies
  • 1 Likes

CPS for Flood Protection

For the Flood Protection calculations: Alarm, Activate, and Maximum - the documentation states to use the baseline thresholds (average) for the zone. I have used the OIDs to do this, however, why would I be using the TOTAL ZONE baseline and not just TCP CPS? As how else would I calculate UDP, and IP flood protection? They would ALL be set to...

Resolved! Active-Passive HA failover and Preempt disabled

I have an active passive pair: PAN01- Passive , device priority 50, Preempt- disabledPAN02- Active, device priority 40, Preempt- disabled Now I wanted to switch the priority i.e. to make PAN01 active and PAN02 passive. I changed the priority on PAN02 to 60 and committed configuration, but it remained active and PAN01 remained passive. I had to s...

Resolved! Dual ISP - Will not activate dual default gateway routes

I just installed a firewall for a customer last night and it absolutely refuses to activate the default route for both ISPs in the virtual router. Only 1 will go active at a time. The intent is to just use route monitoring and use the primary ISP unless it goes down. The primary ISP static default route is created with a route monitor.The back...

traylorm by L1 Bithead
  • 3616 Views
  • 1 replies
  • 0 Likes

Identify the user account while using RDP on desktop

Hi,This is just an query, so that I can understand this topic better. Bear with me, since I am not a network specialist.EnvironmentUser works remotely on a laptop and uses GlobalProtect VPN client to remote in on a desktopThe desktop is located in the office, which allows the user to RDP in on it from any location outside the officeThe desktop i...

Multiple IKE crypto profiles on individual interfaces for multiple IPSEC tunnels

Hi, In 2021 we ran into the issue where it seemed between PA-OS 8.1.x and 9.0.x/9.1.x Palo began either via a feature or bug introduced began enforcing the scenario in the subject line and began dropping tunnels after upgrading and causing issues with HA pairs. Define IKE Crypto Profiles (paloaltonetworks.com) At the time Palo identified the abo...

Z33Z by L0 Member
  • 2827 Views
  • 1 replies
  • 0 Likes

Resolved! software update for PA-820 without support contract

hello all,my organization has a PA-820 at a branch location that's been a little neglected. it doesn't have a support contract and it's currently running panos 9.0. I would like to upgrade this at the very least to 9.1, but I'm having difficulty locating the image online to do the upgrade manually. anyone have a link to the software repositories...

  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels