General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

MineMeld on Ubuntu 20.04 LTS

Hi Community, since April 2021 is getting nearer, Ubuntu LTS 16.04 is getting nearer to end of life. Is there any version successfully tested for Ubuntu 18.04 LTS or 20.04 LTS? Last time I tried installing it, installation failed due to dependencies or "bad gateway" errors when logging in to MineMeld. Is there a roadmap in general? Looking...

Chacko42 by L4 Transporter
  • 7974 Views
  • 7 replies
  • 1 Likes

Any chance of an Automated Rollback on Palo Alto firewalls?

Hi- Im familiar with Juniper equipment which all have the option to 'commit confirm' which automatically reverts the config change if a 2nd commit is not made within a certain period (default 10 mins I think). Its a life-saver if you have to administer remote devices, bbvsince if your change broke connectivity for any reason, in 10 minutes time,...

Resolved! Azure Palo Alto - ARP Not Found

Hello, Im having a problem with my PA deployment in Azure where i get ARP Not Found counters increase. I can normally resolve the issue by manually adding an ARP entry to the interface with the MAC of `12:34:56:78:9a:bc` but its really not a solution, rather a workaround. The architecture is similar to the above. My Azure PointToSite Gateway giv...

arch (2).png
ashleyk_0-1593612662816.png
image.png
image.png
ashleyk by L1 Bithead
  • 10824 Views
  • 2 replies
  • 1 Likes

Resolved! QoS Class Numbers

Hi Everyone! Just a quick question about classes in PanOS. I can see that there are eight classes named Class1 - Class8.As we use QoS profile rules to assign bandwidth and priority to a class, is the class I choose somewhat arbitrary? For example, I want to assign voice and video traffic to a class, and make it a high-priority class.Can I choose...

Luke_R by L2 Linker
  • 4005 Views
  • 2 replies
  • 0 Likes

Automate policy and object tightening

Firewalls need to be able to improve their own status automatically by adjusting rules, policies and objects automatically to be more secure by using usage date. An example, system a talks to system b on a selection of ports all configured on the firewall. All designed and planned on human logic. After a month some ports have no traffic between ...

Can't access internet without globalprotect connected

Hello, i want to ask something about globalprotecti've configure the GP, and i test the GP to access the internal without problem. and after few hours, that i was called by the user and they told me, the users that work from home, they cannot access the internet without globalprotect connected. (user are not in office network) or now i tell the ...

Resolved! DNS Security - AntiSpyWare Profile/DNS Signatures/Policies Security Policy

Per the steps in the guide, I cloned the default profile and set about to configure the DNS Signatures tab of the new profile. I believe that I want to sinkholeboth the classic signature (with 100k rules in the firewall) and thenewer DNS Security signature which will query PANs cloud database.But then to effect these actions I need to add a secu...

palomed by L3 Networker
  • 3422 Views
  • 1 replies
  • 0 Likes

Resolved! HA1 down , suggestion welcome!

Hello everyone, I am newbies for PA-850 As we placed them into two difference Geo location (e.g DC1 and DC2) and we running A/A, cisco Nexus as corewe have separated allHA1 / mgmt / HA2 / HA2 backupin to DIFFERENCE SUBNET and broadcast domain, and we using mgmt as HA1 backupHA3 configured as FLAT vlan across both sites with no choice and the pro...

split dns issue

We do DNS configuration on GP gateway configuration>agent, for Guest point to public DNS which is 8.8.8.8 1.1.1.1 and employee point to internal dns ip. But when connect GP, both user guest and employee got default dns setting. Why guest user does not get public DNS ip? Anyone can help?

Resolved! Apple SoftwareUpdate.exe got blocked by Cortex XDR

Hello Palo Community, does anybody know why the Apple SoftwareUpdate.exe got blocked by Cortex XDR todayOr has someone else also encountered this Problem? In the Community section of VirusTotal I discoverd a comment that Palo Alto apperently changed the status at one point, yet i have some triggers with this software that came in today. https://...

Resolved! Daily URL Filtering Report within a time frame

Hello, I am trying to produce a report for our head of school accommodation that shows the URL filtering of his borders after a set time each day. Producing the list in the URL filtering tab on the Palo Alto and downloading in CSV format is straightforward, but I would like to automate this process with a daily custom report of the night before....

SPS by L1 Bithead
  • 3935 Views
  • 2 replies
  • 0 Likes

XFF IP does not show the source IPs on the monitor

Hello Guys, The X-Forwarded-For Headers option has already been enabled and it has been set to Enabled for security policy, but the information is not visible.Something else has to be enabled in the device configuration or in the load balancer?I followed this kb.https://docs.paloaltonetworks.com/pan-os/10-0/pan-os-admin/policy/identify-users-con...

  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels