General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Minemeld - NGINX reverse proxy

Hi

 

I am trying to setup a minemeld server (docker image https://hub.docker.com/r/jtschichold/minemeld/ ) behind a Nginx reverse proxy. This however is to be hosted on a subpath, however I cant seem to get the authentication to work (This all works co

...

Resolved! Can you Exclude an address from your traffic search?

the following search string 
( app eq dns ) and ( port.dst eq 53 ) and ( addr.dst in 8.8.8.8 )

searches and displays all dns traffic using port 53 that has the destination ip of 8.8.8.8

I would like to know if I can look at all dns traffic traveling on

...

Expedition migration tool steps

Hello all,

 

I am planning to migrate our two checkpoint HA clusters (Active-Standby) with Palo Alto with the help of Migration tool. I never used migration tool ever. Can someone brief me steps to be followed for successful migration?

johnde by L2 Linker
  • 2301 Views
  • 1 replies
  • 0 Likes

Resolved! Configure WebGUI certificate from CLI (PanOS 9.0)

Dear all,

lost access to the WebGUI.

opaque: websrvr: Exited 4 times, waiting 1770 seconds to retry

 

Before that I received another email from the firewall:

opaque: Shared certificate xxx and corresponding key have expired.

(OK, I know, my fault)

 

So I sus

...

high MP CPU load due to appweb3 process

PA-5020, sitting on 8.0.4.

From time to time MP load increases rapadily due to appweb3 process going above 300%. Looking like this:

 

There is no direct correlation found between the spikes and actions taken within the GUI. Spike may go on for a while -

...

cpu-load.png
nikoo by L3 Networker
  • 6430 Views
  • 4 replies
  • 0 Likes

QOS Bandwidth Limitation Download & UPLOAD

I would like to understand bandwidth limitation steps on Internet download and upload

 

Example - lets say i want to restrict steaming url category on download and upload

 

1. create QOS policy to map traffic going to inside to Internet  youtube as Class

...

kan0062 by L1 Bithead
  • 3234 Views
  • 1 replies
  • 0 Likes

Resolved! After Forward Trust certificate is renewed

After Forward Trust certificate is renewed is there a way to validate the renewed certificate is working correctly from either GUI or CLI?
Device > Certificate Management > Certificates > Forward UNTrust Certificate

GP prompts for internal gw connectivity

Hi all,

 

I've deployed a GlobalProtect installation solely for the purpose of User-ID. The GP agent connects to the internal portal/GW (one box) upon login with Kerberos SSO. However, when the internal gateway is not reachable (user has no network, us

...

GP GW Prompt.png
Arne-VDH by L3 Networker
  • 4676 Views
  • 12 replies
  • 0 Likes

Resolved! API - Manage Users for VPN access

Hello Community,

 

i'm currently planing a project which should be able to control the VPN user access via the API.

It should be a simple tool where you just need to click a single button. The tool then activates or deactivates the user for that VPN via

...

JustAGuy by L1 Bithead
  • 2224 Views
  • 3 replies
  • 0 Likes

Resolved! TCPDUMP execution

 Hello,

 

I have to do a TCPDUMP to test the communication of my Active Directory because a have a problem with the User-ID service. 

 

I have read the documentation and I don't understand when says that the TCPDUMP captures the traffic that traverses th

...

iscott by L2 Linker
  • 1550 Views
  • 1 replies
  • 0 Likes
Top Solution Authors
Top Liked Authors