General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! User-ID Agent: wildcard support in ignore_user_list.txt

A customer of mine uses a mix of prefixes and suffixes for service and privileged accounts respectively, and needs to ignore these accounts to prevent incorrect mappings. This is especially true where policy applies to non-privileged groups, if a non-privileged user accesses resource with privileged account (e.g. RDP NLA) and their expected poli...

mb_equate by L3 Networker
  • 4855 Views
  • 3 replies
  • 0 Likes

How do you setup FS-ISAC STIX/TAXII feeds to minemeld?

I was following this thread here: https://live.paloaltonetworks.com/t5/minemeld-discussions/fs-isac-new-stix-taxii-feeds/td-p/334068 But nobody responded to my question so I'm starting a new thread hopefully to gain some visibility. We've upped our membership with FS-ISAC which comes with an added annual fee, so being that we are paying for t...

ksauer507 by L3 Networker
  • 6574 Views
  • 2 replies
  • 0 Likes

Auto Assistance

Hi,GuysIs there any documents about Auto Assistance ?I am working at local partner ,just want to learn more about it .

Return traffic log

Is it possible to view return traffic logs in PA. I am running a PBF for HTTP and HTTPS only, it goes through a diff interface. Sites or apps with custom ports (not 80 or 443) not working. I am trying to find the return traffic interface while PBF is in place.

ceapen01 by L2 Linker
  • 3040 Views
  • 1 replies
  • 0 Likes

Resolved! Migration of Panorama configuration

I need to migrate the configuration of a Panorama X to another Panorama Y where I need to split several devices on their own panorama (Y). The plan according to several discussions is to export the config of current panorama X, import into Panorama Y while changing IP address, hostname, etc. This is the step where I am trying to see if it can be...

bambox by L1 Bithead
  • 6292 Views
  • 3 replies
  • 0 Likes

Can a corporate network print to a remote client's printer (Remote User-to-Site VPN)?

I've connected my client pc to my corporate network via Global Protect, and my computer is able to access the resources on my corporate network side. I need to know if there's a way that my corporate network can send a print job to my client computer. More specifically, I need to be able to print forms/pdf's from my corporate network to a printe...

Jamescy by L0 Member
  • 3802 Views
  • 1 replies
  • 0 Likes

Resolved! cli command to check dos attack

we have not implemented the dos or zone protection.Is there any cli command i can use to check the dos attack? i know below for now show counter global | match dos> debug dataplane show dos classification-table> show counter global filter aspect dos> show counter global filter aspect dos delta yes

MP18 by Cyber Elite
  • 6560 Views
  • 2 replies
  • 0 Likes

Zone capacity

Hello We have PA 3060 device on 8.1 code, I know its current capacity is 40 zones. If I upgrade to 9.1 will that capacity for the zone increase? Thanks -Amin

Amin2 by L2 Linker
  • 2209 Views
  • 1 replies
  • 0 Likes

VPN Client with PANOS8

Hi!I've recently had someone complain that the native macOS/OSX VPNclient wouldn't connect to the VPN (PANOS 8.0.6). Turns out that theywere using an unsupported macOS version, and weren't using theglobalprotect client 'because it didn't work'. The official responseto them is a) get a supported version of macOS b) use theGlobalProtect client.But...

dolonipo by L0 Member
  • 2873 Views
  • 2 replies
  • 0 Likes

New Beacon 3.0 is now here!

Not sure if you guys knew, but the latest version of Beacon has been released Beacon 3.0 is now available for your learning pleasure. If you haven't checked it out yet, then you are in for a treat. Beacon has been the Go To place to go when it comes to learning about Palo Alto Networks products and devices.. Read more about it in the Bea...

jdelio by L7 Applicator
  • 3096 Views
  • 1 replies
  • 3 Likes

Resolved! how to downgrade pan os from 9.1.11 to 9.0.10.

Hi Fellas, Can somebody guide for the subject downgrade process? Long story, short I have received new PA units. I want go live with the new one. But the new one is sitting @ PAN OS version 9.1.11. While the old unit which is still in production is running on PAN OS 9.0.10. I know its easy to upgrade the older firewall to 9.1.11. But sadly our ...

Session length calculation - PaloAlto

Hello, does anybody know, how exactly the Session length for a session is calculated in PAN-OS?Is it depended on the system time?--> Would my TTL decrease if the system time changes and therefore reset my TCP session if the threshold of the TTL is reached (Or aged-out with UDP)?Regards,Eric

EMIND by L1 Bithead
  • 6600 Views
  • 7 replies
  • 0 Likes

Anti Spyware best practice

Hi there, I wonder what's best practice in oder to identify theats via the Anti Spyware function. Most of the connections today are encrypted, so using the Anti Spyware function without ssl/tls decryption seems not to be a big security improvement. So there come the following questions to me:- is activation of ssl/tls encryption the only way?- h...

Netzer by L3 Networker
  • 3285 Views
  • 1 replies
  • 0 Likes
  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels