General Topics

Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 650 Views
  • 0 replies
  • 0 Likes

Pre-defines application not working ?

Apology for asking multiple question for the past one week..

 

We've define a policy to allow active-directory-base application which includes most of the AD standard ports, but the traffic is not hitting the policy, eventhough the destination ports ar

...

annielee by L2 Linker
  • 1831 Views
  • 1 replies
  • 0 Likes

Resolved! Service route and DHCP interface

Hello,

 

We have PA-220 devices that are configured with DHCP interface for Internet access. We need to change the service route config for all update-related trafic (URL, dynamic contents, EDL, ...) since default mgmt interface has no Internet access.

...

Unable to access Google Drive

Hi,

Google drive is allowed in Gsuite url category but user is able to access gmail and google calendar but when try to access Google drive and Docs and sheets,it is being blocked by firewall under storage-and-backup category.

What is the possible so

...

User-ID rule to bypass HIP check not matching.

Hi all,

 

I have a rule to allow certain Global Protect users DNS and RDP traffic by matching the user-id. However, even though it looks like the traffic should match when I view the traffic log it's not?! For some users the rule works fine but others

...

Resolved! Best/Most Efficient way to view exact URLs

We're currently in the process of moving over from Cisco to Palo and are still trying to work through everything.

 

We currently have a URL profile attached to every policy and the only actions we have on categories are allow and deny. Should we set

...

bafergel by L2 Linker
  • 3148 Views
  • 3 replies
  • 0 Likes

External Dynamic List retrieval on PAN-OS 9.1.2

Hello message board, this is my first post!!!!

 

I am trying to set up a EDL feed from XSOAR into the NGFW for O365 IPv4 addresses. Tested the feed using curl, both locally and remote, and it is working. The issue is fetching the list from within the N

...

Source ip region/country showing incorrect on PA firewall

In the Palo alto firewall for the public ip 205.254.183.218 source ip region is showing as US. but user is located at India.
we have given access on firewall for source region India only for inbound traffic.

In the traffic logs source country is showin

...

SurajN by L2 Linker
  • 3546 Views
  • 3 replies
  • 0 Likes

Ubuntu 18.04 install errors

Hi There, 

 

Running into issues trying to install on Ubuntu 18.04

 

During the install process at the end I get this message:

 

TASK [minemeld : requirements] ******************************************************************************************

...

bsmith2 by L1 Bithead
  • 30087 Views
  • 37 replies
  • 0 Likes

Syslog server flapping passive firewall.

I have Syslog configured in my firewall. but I am getting alerts on the passive firewall for two weeks.

The service route is configured via the management interface. the alerts are generated frequently.

The active firewall is working fine.

 

Below is the

...

Jafar_Hussain_0-1622718681915.png

PANGP virtual adapter disabled automatically

Many of users are facing issue in connect Global Protect VPN. We notice when we restart PANGP virtual adapter disabled automatically .we restart service and after that issue fix for day or two day’s but again this issue persist. Requesting you please

...

SurajN by L2 Linker
  • 25738 Views
  • 2 replies
  • 0 Likes

JSON format

I have a PAN config that is in json format that I want to implement on a 3060 fw.  It seems that the fw will only take config in "set" command format or .xml.  I am new to PANOS, I know in JUNOS you could do a "load override terminal" and drop this f

...

Resolved! Global Protect ios internal gateway no username?

I have internal gateways that are functioning normally with Windows and Macs.   New Ipads we are working with will recognize internal connection, and show "connected internal",  but I do not see a username come through in the logs.   I thought a user

...

Sec101 by L4 Transporter
  • 3903 Views
  • 4 replies
  • 0 Likes

SMTP default port change in panos 9.1.6

Hi Team,

 

We are configuring email server for critical system alert.

 

We have got gateway IP and port as 587. By default i think port 25 is supported for SMTP. 

Is it possible to change port number 587 in panos 9.1.6 ?

This option is available in panos 1

...

  • 23947 Posts
  • 113 Subscriptions
Top Liked Authors
Labels