General Topics
cancel
Showing results for 
Search instead for 
Did you mean: 
General Topics

Forum Posts

Resolved! GlobalProtect, Working from Home, Prisma Access and Covid-19

To all, Just wanted to post a message about the Hot Topic right now, which is Covid-19. With all of this going around, everybody's health and safely is the utmost concern. Keeping your hands clean, washing your hands (A LOT), using hand sanitizers, a...

jdelio by Community Team Member
  • 21761 Views
  • 43 replies
  • 32 Likes

Global protect AD strange issue

I have a strange and critical issue. I have Always-on type global protect with cert based username and OTP authentication method on handful of user machines. I have set the captive portal timeout for 0 and enforce network access under portal app sett...

Error when using stdlib.syslogMiner

Hi together, I am trying to import PANOS-Threat Logs into MineMeld using the syslogMiner. I have configured the Miner and the LogForwarding via Panorama and can see the incoming logs at the Minemeld instance using tcpdump. Still I see no indicators i...

Resolved! Panorama External Dynamic Lists

I had to RMA our m-100 and when I did that I lost the external dynamic lists on the PANORAMA itself. They are still locally on the managed FWs but I cannot referrence them on the Panorama. Of course that broke all outbound traffic because the top rul...

drewdown by L4 Transporter
  • 1289 Views
  • 2 replies
  • 0 Likes

Moving Panorama M100 function to M500

Seems M100 does not support PAN OS 9.0We have Physical M100 running as Panorama mode.Also we have M500 running as Log collector mode. Can we move config of M100 to M500 so they can manage all the firewalls?

MP18 by Cyber Elite
  • 920 Views
  • 1 replies
  • 0 Likes

Panorama 8+: Can you override EDLs in child Device Groups?

Currently running Panorama 7.1. We'll be upgrading to 8.1 in October-ish. According to the documentation for 7.1 and 8.1, you can create an EDL in Device Group A, and it will be inherited by all child device groups below it. This is working. Accordin...

fjwcash by L4 Transporter
  • 1289 Views
  • 1 replies
  • 0 Likes

High utilization caused by decryption

I dunno if anybody else has run across this or not but I just felt compared to share. I have been having fairly continious performance problems with a 5050 cluster and last night I isolated at least one culprit that's been adding to that problem. We ...

Resolved! Question About PA SSL vulnerability

Hello Team, Can anyone provide a solution resolve below vulnerability in PA. Port no.: 443 Summary: Weak cipher suites supported Analysis :The remote host running SSL using a weak cipher suite which can be exploited by an attacker to perform man in t...

Dynamic Block List - Limit on number of entries?

I've been experimenting with MineMeld and love it - brilliant product  That said, I'm struggling to get a clear idea what the size limit is of each blocklist. https://live.paloaltonetworks.com/t5/Learning-Articles/How-are-Dynamic-Block-List-Entries-...

move from 4 internet lines to one single internet line

Configuration changes in case we move from 4 internet lines to one single internet line ?in Our Current scenario, We have 4 interfaces configured with 4 different Public IP address and each interface is linked to the different router( Internet),each ...

MFayez by L2 Linker
  • 1130 Views
  • 3 replies
  • 0 Likes

Palo Alto Core Firewall HA Active/Active

I have found some issues in running HA Actvice/Active as it relates to config sync. It appears when a red dot on the firewall and an Admin connects their default reaction is sync config. So I noticed that something that replicated to the active-secon...

One Internet line Multiple intefaces

Hi EveryoneIn my sinaro i have one internet line 10 MB and i have 5 zones configured in PA my question . and each zone for different purpose for example (IP SEC - Intenet -Email) 1- how i can provide the internet to multiple zones with a multiple ser...

MFayez by L2 Linker
  • 3100 Views
  • 14 replies
  • 0 Likes

Quality of tech support in recent months

Is it just me? I noticed that it became almost impossible to get a support person on the phone without being on hold for hours...When opening tickets online, it would sometimes take days to schedule remote session and some engineers just don't have e...

PavloJCP by L1 Bithead
  • 2417 Views
  • 13 replies
  • 0 Likes

Resolved! Using External DNS server

We need to isolate the vendor traffic and we do not want this traffic to talk to our internal DNS server for DNS queries.Is it safe to use google dns server and then apply dns sinkhole?We can use the security policies app based and then apply app def...

MP18 by Cyber Elite
  • 952 Views
  • 2 replies
  • 0 Likes

Resolved! DNS security license and traffic flow

We have User where they access the Internet and traffic flow via say Corp PAWe have DNS server which is internal and the DNS traffic to Internet flows via say DMZ PA. On PAN OS 9.0 if i get DNS license on Which PA i should get for?As my understanding...

MP18 by Cyber Elite
  • 785 Views
  • 2 replies
  • 0 Likes
Top Solution Authors
Top Liked Authors