General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Error generating a new certificate

Hi, we are trying to generate a new elf-signed certificate in Panorama and we receive this error: Failed to insert certificate into configuration. Failed to find beginning of certificate. Make sure certificate starts with BEGIN CERTIFICATE tag. This is the certificate and the error: Why are we receiving this error?

cert1.JPG
cert2.JPG
BigPalo by L4 Transporter
  • 19979 Views
  • 16 replies
  • 0 Likes

Firewall Traffic flagged as unknown-tcp using port 31200

Hello, Seeing some traffic for Unknown-tcp using port 31200. I'm in the process of refining our firewall rules to be more granular and for this current rule has an any app on any service applied with no restrictions. Trying to see what I can create for this particular traffic in a separate rule. Is there a way to determine what this is exactly? ...

Join Us For a Fuel Workshop on GlobalProtect Troubleshooting Techniques (APAC Region Sept 17-18)

Fuel Workshop on GlobalProtect Troubleshooting Techniques Welcome to the next in our series of Fuel Workshops where will be covering troubleshooting techniques for GlobalProtect. Over the next two days, we will be learning a number of items related to supporting as well as best practices around how to build a proper GlobalProtect environment...

emgarcia by Community Team Member
  • 2894 Views
  • 3 replies
  • 4 Likes

random-drop vs drop - zone protection

For TCP flood logs should only show "random-drop" with RED configured."drop" for TCP flood is this coming from options set under "TCP Drop" options under Packet Based Attack Protection.

image.png
raji_toor by L4 Transporter
  • 11522 Views
  • 11 replies
  • 0 Likes

Resolved! Palo Alto PAN-OS Adv threat and AV Update scheduling

Hi, Newish to Palo Alto and learning about the automatic download and updates and watching the training videos. If I set the PA to check every 24hours and come back a week later and can see a list of Updates. Do I need to download all of updates, or by clicking the latest one to download, is the firewall clever enough to know it needs to downloa...

M.Gannon by L1 Bithead
  • 1271 Views
  • 1 replies
  • 0 Likes

Resolved! translate.googleapis.com is categorized as private IP addresses

Hello, I'm wondering if anyone else has encountered this.When a user wants to use the translation function in Chrome, it doesn't work. I looked at the logs and saw that the URLs are categorized as private IP addresses, which is blocked for us. The question is why the URLs are classified as private. A test on "Test A Site" resulted in the correct...

SDwel_0-1752561333337.png
SDwel_1-1752561362349.png
S.Dwel by L1 Bithead
  • 3838 Views
  • 4 replies
  • 0 Likes

Download executable GP from mobile phones

Hi, I wanted to know if it's possible in Palo Alto, when you connect to the portal via https://vpn.xxx.com and authenticate from mobile phone, that instead of displaying the laptop executables, you get a redirect to the app market or the option to download the GP APK. Something like the FW PA knowing the agent from you are connecting in order to...

BigPalo by L4 Transporter
  • 1019 Views
  • 2 replies
  • 0 Likes

VPN tunnel monitoring/alerting

When NOT using tunnel monitoring and keying off events ids for "tunnel-status-up/tunnel-status-down", what is the best logging to alert on for tunnels going up or down?Is it only alertable/trackable by ( eventid eq 'ikev2-nego-ike-dpd-dn' )Or is there a better way to alert when NOT using tunnel monitoring on when a tunnel is hard down? Assumi...

Sec101 by L4 Transporter
  • 688 Views
  • 1 replies
  • 0 Likes

decryption error with Anydesk

Dear Community! I´m trying to use Anydesk and it only works with decryption policy disabled, somehow the predefined exclusion for Anydesk is not working. While checking the decryption logs I can see the following error: "tlsv1 alert insufficient security. Received fatal alert InsufficientSecurity from server" Does anyone have an idea the rea...

Carracido by L4 Transporter
  • 1711 Views
  • 1 replies
  • 1 Likes

Resolved! Source Address - Show ipv4

I just upgraded from a PA 500 to a PA 820 and something is throwing me for a loop. In all of my reports and in the monitoring section under App Scope the firewall is reporting what appears to be ipv6 addresses, they are in the format of: "::678b:540:ffff:0". I'd prefer to see the ipv4 address as it is much simpler to hunt down the offending us...

Screen Shot 2021-07-08 at 8.26.00 AM.png

Can ACC data really display data per user group?

Hello! I´m trying to filter data, in particual user activity, by using filter "user group" however I only have the data filter by user or IP, not using the group. Do you know if you can actually filter data from any widget of the ACC by using the user group? Thanks!

Carracido by L4 Transporter
  • 853 Views
  • 1 replies
  • 0 Likes

versions 10.2, 11.1, 11.2 - which is best?

of the current trains 10.2, 11.1, 11.2, which would be the best in terms of robustness and stability? I am running PA-440 and PA-3250. The later trains dont have any features i need over and above what is available in 10.2.

  • 24401 Posts
  • 123 Subscriptions
Top Solution Authors
Labels