General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! PBF is working, but I want to exclude GP

Hello everyone, New here and fighting with my new PA-820. I have 2 ISP's and I want to make the best use possible of those two.So I created a PBF which reroutes HTTP and HTTPS traffic over the 2nd modem.Now I have speeds over 350mbit/s for clients and not bothering other important server data which I have only 40mbit/s for. So this is all workin...

traffic drop for website for some time

im facing issue when accessing website which is hosted on cloud.i have created object of website and called in policy . this issue occurs when i have called object in destination and im trying to access website . if i have access this website as destination put any then it will accessible.

SurajN_0-1629302616883.png
SurajN_1-1629302708937.png
SurajN by L2 Linker
  • 2029 Views
  • 1 replies
  • 0 Likes

Resolved! Single DNS_Proxy Interface serving multiple networks

Hi Sirs/Mesdames, I have a Paloalto with DNS-Proxy activated and serving the LAN interface, let's say: 10.0.0.1 (dns_proxy) Is it possible to point clients from networks on interfaces/networks to use the same dns_proxy configure for LAN (10.0.0.1) Example:client 192.168.0.10 on eth2 could use dns_proxy 10.0.0.1 previously configured for LAN on e...

Resolved! PA upgradation from 9.1.4 to 9.1.9

Hello All, Need my upgrade my PA 850 Series Firewall from 9.1.4 to 9.1.9. Is it supportable or can i do it directly without concerning about Content updates. Please help.

Knowledge sharing: Troubleshooting and investigating full hard disk and full partitions (logs, config, root, etc.) issues on Palo Alto devices.

When the Palo Alto partition is full depending on which partition is full differen issues may happen. The Palo Alto versions like 9.1.x and newer have much less issues with disk space like the 8.1 version, so an upgrade to newer version may help in many cases. 1. Generally I have seen issues becase of full disk where the HA communicaton is im...

Destination Nat using ISP Pool address

Hello All, Need to configure destination Nat with Nat Pool Provided by ISP. Below are the ip details : 182.72.150.0/30--Wan IP Pool182.72.150.2/30--Configure at Palo Alto Interface182.72.150.1/30--ISP gateway IP 182.80.48.176/29--Lan IP Pool Provided by ISP.182.80.48.177-182.80.48.177-182--Usable IP Basically i want to do destination Nat using...

Resolved! ant to check logging rate and disk-utilization used in M200 for log types

We have configured collector group config with local log collector. All firewall's forwarding logs to collector, we can see log incoming rate in panorama for traffic , threat . But for URL , Wildfire and other types of logs logging rate is not showing. Also want to check disk-utilized by each logs type in collector. As we can see overall details...

Deepak25_1-1628884239840.png
Deepak25_0-1628884038538.png
Deepak25 by L3 Networker
  • 4367 Views
  • 3 replies
  • 0 Likes

Content updates compatibility with firmware

Hello All, PA 850 has been delivered at my office with firmware version 9.1.4 and my company has also purchased Threat Prevention, PAN DB Url Filtering & Wildfire Subscription license. Basically i need to upgrade my device to latest firmware of 10.0.x maintenance version with content updates compatible to this. I have checked many sites on g...

Problem with CDN and AVG Update

Hi I have an issue about AVG and CDN. I used PA 220 with Details : Software Version 10.0.6 Application Version 8435-6846 (07/27/21) Threat Version 8435-6846 (07/27/21) Antivirus Version 3791-4302 (07/28/21) Network Layer 3 1. AVG Update Regarding this issue, when I created specific rule with source IP address my workstation for AVG...

Minemeld automatic updates required for future Azure Public IP changes and additions

We have a JSON file from the URL below which is updated weekly: https://www.microsoft.com/en-us/download/confirmation.aspx?id=56519 Ideally, we would like to pull a list of IPV4 IP addresses out from the section "name": "AzureIoTHub", which needs to be converted into EDL format by MineMeld. The list of IPs can then be referenced in the secur...

Yongjie by L0 Member
  • 3076 Views
  • 1 replies
  • 2 Likes

Network Packet Broker

Can network packet broker feature (in PAN-OS 10.1) be used only to mirror some traffic and not expect any return traffic? Like port mirror on switch.

santonic by L6 Presenter
  • 4919 Views
  • 4 replies
  • 0 Likes

questions about Palo Alto Networks

questions about palo alto XDR1.what are the Deployment models in palo alto2. the Modularity of palo alto3. Scope of analysis (types of threats) supported by palo alto 4. Depth of analysis (network layers, application support) supported by palo alto

U-NAT Double NAT - DNAT

Good morning, first of all thank you very much for your support.I have the following case scenario:FQDN: Dyndns ( paloalto01xxxalias.dynalias.net )Modem/router/ADSL dynamic IP PublicModem/router/ADSL LAN IP 192.160.1.254Modem/router/ADSL NAT1-1 to Palo Alto Wan External InterfacePalo Alto Wan Interface 192.168.1.74 Gateway: 192.168.1.254Palo Alt...

Metgatz by L4 Transporter
  • 4674 Views
  • 1 replies
  • 0 Likes

Accessing a specific website triggering Spyware THREAT signatures

Accessing following website is generating Spyware THREAT signatures. Does this means website is compromised and access should be blocked? Website: www[.]51qiti.comwww.51qiti[.]com/faq/Faq1217.htm Triggered signatures:Suspicious PHP Command and Control Traffic Detection(85633)Steganographic Webshell File Detection(85633)

Tanmoy by L0 Member
  • 2944 Views
  • 1 replies
  • 0 Likes
  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels